cjoint

Document format: text/plain

~ ZHPDiag v2015.11.11.165 By Nicolas Coolman (2015/11/11)
~ Run by simo (Administrator) (2015/11/11 12:39:21)
~ Web: http://www.nicolascoolman.fr
~ Facebook: https://www.facebook.com/nicolascoolman1
~ State version: Version OK
~ Mode: Scan
~ Report: C:\Users\hmayt\Desktop\ZHPDiag.txt
~ Report: C:\Users\hmayt\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ System startup: Normal (Normal boot)
Windows 10 Pro, 64-bit (Build 10240)

---\\ Internet Browsers (3) - 0s
GCIE: Google Chrome v46.0.2490.86
MFIE: Mozilla Firefox 42.0 (x86 es-ES) v42.0
MSIE: Internet Explorer v11.0.10240.16431

---\\ Windows Product Information (3) - 3s
~ Windows Server License Manager Script : OK
~ Licence Script File Génération : OK
Windows Automatic Updates : OK

---\\ System protection software (3) - 10s
ESET Smart Security v9.0.318.20
Malwarebytes Anti-Malware النسخة 2.2.0.1024
Windows Defender (Deactivate)

---\\ System optimization software (1) - 11s
CCleaner v5.05

---\\ Surveillance software (2) - 11s
Adobe Flash Player 19 PPAPI
Adobe Acrobat Reader DC - Español

---\\ Information on the system (6) - 0s
~ Operating System: AMD64 Family 21 Model 16 Stepping 1, AuthenticAMD
~ Operating System: 64-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 7543.056 MB (57% free)
System Restore: Activé (Enable)
System drive C: has 82 GB () free of 139 GB

---\\ Connection to the system mode (3) - 0s
~ Computer Name: DESKTOP-O0HFN1Q
~ User Name: simo
~ Logged in as Administrator

---\\ Enumeration of the disk units (4) - 0s
~ Drive C: has 82 GB free of 139 GB (System)
~ Drive E: has 27 GB free of 79 GB
~ Drive S: has 63 GB free of 196 GB
~ Drive W: has 13 GB free of 59 GB

---\\ State of the Windows Security Center (7) - 0s
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK

---\\ Search Generic System Files (24) - 1s
[MD5.F1CBCB7FA6F3B309639AA2D4EF74469C] - 11/08/2015 - (.Microsoft Corporation - مستكشف Windows.) -- C:\Windows\Explorer.exe [4532304] ©
[MD5.5DED2A3F11AE916C8F2724947E736261] - 10/07/2015 - (.Microsoft Corporation - Windows host process (Rundll32).) -- C:\Windows\System32\rundll32.exe [59392] ©
[MD5.7718A2A9B2BFB2C8E2BAEB03310CA3FD] - 18/07/2015 - (.Microsoft Corporation - ‎‎تطبيق بدء تشغيل Windows.) -- C:\Windows\System32\Wininit.exe [290312] ©
[MD5.E5D86250453B33900666D92ED1A92ABE] - 17/09/2015 - (.Microsoft Corporation - ملحقات الإنترنت لـ Win32.) -- C:\Windows\System32\wininet.dll [2740224] ©
[MD5.C527C9231D39BF69611F5F8C80C36140] - 30/10/2015 - (.Microsoft Corporation - تطبيق تسجيل دخول Windows.) -- C:\Windows\System32\Winlogon.exe [579072] ©
[MD5.ECB1943967424DFB96E03F6A098434EF] - 19/07/2015 - (.Microsoft Corporation - مكتبة تراخيص البرامج.) -- C:\Windows\System32\sppcomapi.dll [430592] ©
[MD5.C287D0E32771E3222A444DC527A29477] - 10/07/2015 - (.Microsoft Corporation - DNS Client API DLL.) -- C:\Windows\System32\dnsapi.dll [680256] ©
[MD5.BB5BBD0E4D04047585E4ED0F07AA51E7] - 10/07/2015 - (.Microsoft Corporation - DNS Client API DLL.) -- C:\Windows\Syswow64\dnsapi.dll [534064] ©
[MD5.6C12C7E01A4F64E0AA9C88AF66955CC9] - 10/07/2015 - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- C:\Windows\System32\drivers\AFD.sys [577888] ©
[MD5.8921DF6060DB5C7700AA48CB12E9EA08] - 10/07/2015 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) -- C:\Windows\System32\drivers\atapi.sys [28512] ©
[MD5.F2829DC6D292DCAC5029893BB2E9FEE3] - 10/07/2015 - (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\Windows\System32\drivers\Cdfs.sys [92672] ©
[MD5.CA160E02F35A61C6F5C681FB4669C519] - 10/07/2015 - (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\Windows\System32\drivers\Cdrom.sys [174080] ©
[MD5.25435407D97419627F4B10653433BF2B] - 10/07/2015 - (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\Windows\System32\drivers\DfsC.sys [138240] ©
[MD5.C277A49F8A8295840DEBC9240B75A282] - 10/07/2015 - (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\Windows\System32\drivers\HDAudBus.sys [80896] ©
[MD5.D4CDEE4A62BDFFF6E8558A9552148EA7] - 10/07/2015 - (.Microsoft Corporation - i8042 Port Driver.) -- C:\Windows\System32\drivers\i8042prt.sys [114688] ©
[MD5.5D3744E6FDEC1A6FB3FA9B1DD4AF0694] - 10/07/2015 - (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\drivers\IpNat.sys [143360] ©
[MD5.1DF2C5FD2710A13B07E663A12F0E0EEA] - 10/07/2015 - (.Microsoft Corporation - Windows NT SMB Minirdr.) -- C:\Windows\System32\drivers\MRxSmb.sys [415232] ©
[MD5.F0D791348AD254360CC3C3E501CCB745] - 10/07/2015 - (.Microsoft Corporation - MBT Transport driver.) -- C:\Windows\System32\drivers\netBT.sys [273408] ©
[MD5.466EC5659C02ED53DBD47DC1BC2B8086] - 30/07/2015 - (.Microsoft Corporation - NT File System Driver.) -- C:\Windows\System32\drivers\ntfs.sys [2116448] ©
[MD5.38F1AE32339731F6E5A7281AE8042545] - 10/07/2015 - (.Microsoft Corporation - Parallel Port Driver.) -- C:\Windows\System32\drivers\Parport.sys [96768] ©
[MD5.CA60F6C03611AF1710BC903ED9F566FB] - 10/07/2015 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\Windows\System32\drivers\Rasl2tp.sys [104960] ©
[MD5.A32AED8C644734B283A7C9D08D76064D] - 10/07/2015 - (.Microsoft Corporation - Microsoft RDP Device redirector.) -- C:\Windows\System32\drivers\rdpdr.sys [176128] ©
[MD5.28E1E63A1AC65E17B3194238FA2CF3BF] - 10/07/2015 - (.Microsoft Corporation - TDI Translation Driver.) -- C:\Windows\System32\drivers\tdx.sys [116576] ©
[MD5.823A237D871CD652C6BFD47BECB6810A] - 10/07/2015 - (.Microsoft Corporation - Volume Shadow Copy Driver.) -- C:\Windows\System32\drivers\volsnap.sys [378720] ©

---\\ Non Microsoft non disabled Windows Services (22) - 2s
O23 - Service: (AdobeUpdateService) . (.Adobe Systems Incorporated - Adobe Update Service.) - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe ©
O23 - Service: Advanced SystemCare Service 9 (AdvancedSystemCareService9) . (.IObit - Advanced SystemCare Service.) - C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe ©
O23 - Service: (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\Windows\System32\atiesrxx.exe ©
O23 - Service: AMD FUEL Service (AMD FUEL Service) . (.Advanced Micro Devices, Inc. - AMD Fuel Service.) - C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe ©
O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe ©
O23 - Service: Servicio Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe ©
O23 - Service: ESET Service (ekrn) . (.ESET - ESET Service.) - C:\Program Files\ESET\ESET Smart Security\ekrn.exe ©
O23 - Service: Everything (Everything) . (.Copyright (C) 2014 David Carpenter - Everything.) - C:\Program Files\Everything\Everything.exe ©
O23 - Service: Servicio de Google Update (gupdate) (gupdate) . (.Google Inc. - مثبِّت Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ©
O23 - Service: @oem21.inf,%hpservice_desc%;HP Service (hpsrv) . (.Hewlett-Packard Company - HpService.) - C:\Windows\System32\Hpservice.exe ©
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) . (.Hewlett-Packard Company - HP Support Solutions Framework Service.) - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe ©
O23 - Service: LiveUpdate (LiveUpdateSvc) . (.IObit - Product Updater.) - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe ©
O23 - Service: Malwarebytes Anti-Exploit Service (MbaeSvc) . (.Malwarebytes Corporation - Malwarebytes Anti-Exploit Service.) - C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe ©
O23 - Service: (MBAMScheduler) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe ©
O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe ©
O23 - Service: Mobizen plugin (Mobizen plugin) . (.Rsupport Corporation - Mobizen service.) - C:\Program Files (x86)\RSUPPORT\MobizenService\MobizenService.exe
O23 - Service: Realtek Audio Service (RtkAudioService) . (.Realtek Semiconductor - Realtek Audio Service.) - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ©
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) . (.DEVGURU Co., LTD. - MSS CS Connectivity Service.) - C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe ©
O23 - Service: Acronis Sync Agent Service (syncagentsrv) . (.Acronis - TrueImage Sync Agent Service.) - C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe ©
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) . (.Synaptics Incorporated - 64-bit Synaptics Pointing Enhance Service.) - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ©
O23 - Service: TeamViewer 10 (TeamViewer) . (.TeamViewer GmbH - TeamViewer 10.) - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ©
O23 - Service: Winstep Xtreme Service (Winstep Xtreme Service) . (...) - C:\Program Files (x86)\Winstep\WsxService (.not file.)

---\\ Task Planned Automatically (45) - 4s
[MD5.2EED3542F86F77D56569504B37C8108A] [APT] [Adobe Acrobat Update Task] (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1045720] ©
[MD5.8D228FE5141BB83CF94760E00DFDB65F] [APT] [Adobe Flash Player PPAPI Notifier] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_19_0_0_245_pepper.exe [1158856] ©
[MD5.91B88B8845AE709EB780D372372A0BBF] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [269000] ©
[MD5.CD30E21CC360F2EE084F43C2B2F473F1] [APT] [AMD.PROCC CleanupCookies] (.AMD.) -- C:\Program Files (x86)\AMD PRO Control Center\AMD.PROCC.CleanupSchedulerTool.exe [15464] ©
[MD5.CD30E21CC360F2EE084F43C2B2F473F1] [APT] [AMD.PROCC CleanupTemporaryInternetFiles] (.AMD.) -- C:\Program Files (x86)\AMD PRO Control Center\AMD.PROCC.CleanupSchedulerTool.exe [15464] ©
[MD5.FEE52456CA39F9EECE23420783E95D5F] [APT] [AMD.PROCC SleepHibernate Computer] (.AMD.) -- C:\Program Files (x86)\AMD PRO Control Center\AMD.PROCC.Notifier.exe [35432] ©
[MD5.FEE52456CA39F9EECE23420783E95D5F] [APT] [AMD.PROCC WakeUp Computer] (.AMD.) -- C:\Program Files (x86)\AMD PRO Control Center\AMD.PROCC.Notifier.exe [35432] ©
[MD5.E5F46B921DA34C804DBBD012591A6A8B] [APT] [ASC9_PerformanceMonitor] (.IObit.) -- C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe [1514784] ©
[MD5.1049869EC7882034C5CB1E5266F138B0] [APT] [ASC9_SkipUac_simo] (.IObit.) -- C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe [4991776] ©
[MD5.4055F0DFB750F0174D9C81BAB5276B51] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe [6276888] ©
[MD5.84770B3DD90C26C7818EBE33A019D361] [APT] [Driver Booster Scheduler] (.IObit.) -- C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [1001792] ©
[MD5.765D831C472A2E281A11FD34EE119CD9] [APT] [Driver Booster SkipUAC (hmayt)] (.IObit.) -- C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [4527424] ©
[MD5.765D831C472A2E281A11FD34EE119CD9] [APT] [Driver Booster SkipUAC (simo)] (.IObit.) -- C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [4527424] ©
[MD5.053EEEE1ABAE53F044F1E386E22AE525] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200] ©
[MD5.053EEEE1ABAE53F044F1E386E22AE525] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200] ©
[MD5.3DA2B70325A5947E981387DB9A9BD843] [APT] [HPCeeScheduleForsimo] (.Hewlett-Packard.) -- C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [96568] ©
[MD5.58CF86328E4706FC2DA3C9D8676DE24D] [APT] [Uninstaller_SkipUac_hmayt] (.IObit.) -- C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [4848928] ©
[MD5.58CF86328E4706FC2DA3C9D8676DE24D] [APT] [Uninstaller_SkipUac_simo] (.IObit.) -- C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [4848928] ©
[MD5.262821E17F164E2FEA33ED8549E047FF] [APT] [Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA)] (.Hewlett-Packard.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [178776] ©
O39 - APT: Adobe Flash Player PPAPI Notifier - (.Adobe Systems Incorporated.) -- C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job [918] ©
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\Tasks\Adobe Flash Player Updater.job [838] ©
O39 - APT: ASC9_SkipUac_simo - (.IObit.) -- C:\Windows\Tasks\ASC9_SkipUac_simo.job [268] ©
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [1124] ©
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [1128] ©
O39 - APT: HPCeeScheduleForsimo - (.Hewlett-Packard.) -- C:\Windows\Tasks\HPCeeScheduleForsimo.job [360] ©
O39 - APT: Uninstaller_SkipUac_hmayt - (.IObit.) -- C:\Windows\Tasks\Uninstaller_SkipUac_hmayt.job [310] ©
O39 - APT: Uninstaller_SkipUac_simo - (.IObit.) -- C:\Windows\Tasks\Uninstaller_SkipUac_simo.job [308] ©
O39 - APT: Adobe Acrobat Update Task - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Acrobat Update Task [3972] ©
O39 - APT: Adobe Flash Player PPAPI Notifier - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier [4056] ©
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [3824] ©
O39 - APT: AMD.PROCC CleanupCookies - (.AMD.) -- C:\Windows\System32\Tasks\AMD.PROCC CleanupCookies [3596] ©
O39 - APT: AMD.PROCC CleanupTemporaryInternetFiles - (.AMD.) -- C:\Windows\System32\Tasks\AMD.PROCC CleanupTemporaryInternetFiles [3620] ©
O39 - APT: AMD.PROCC SleepHibernate Computer - (.AMD.) -- C:\Windows\System32\Tasks\AMD.PROCC SleepHibernate Computer [7290] ©
O39 - APT: AMD.PROCC WakeUp Computer - (.AMD.) -- C:\Windows\System32\Tasks\AMD.PROCC WakeUp Computer [7124] ©
O39 - APT: ASC9_PerformanceMonitor - (.IObit.) -- C:\Windows\System32\Tasks\ASC9_PerformanceMonitor [3316] ©
O39 - APT: ASC9_SkipUac_simo - (.IObit.) -- C:\Windows\System32\Tasks\ASC9_SkipUac_simo [2436] ©
O39 - APT: CCleanerSkipUAC - (.Piriform Ltd.) -- C:\Windows\System32\Tasks\CCleanerSkipUAC [2838] ©
O39 - APT: Driver Booster Scheduler - (.IObit.) -- C:\Windows\System32\Tasks\Driver Booster Scheduler [3426] ©
O39 - APT: Driver Booster SkipUAC (hmayt) - (.IObit.) -- C:\Windows\System32\Tasks\Driver Booster SkipUAC (hmayt) [3074] ©
O39 - APT: Driver Booster SkipUAC (simo) - (.IObit.) -- C:\Windows\System32\Tasks\Driver Booster SkipUAC (simo) [3072] ©
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [3954] ©
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [4186] ©
O39 - APT: HPCeeScheduleForsimo - (.Hewlett-Packard.) -- C:\Windows\System32\Tasks\HPCeeScheduleForsimo [3248] ©
O39 - APT: Uninstaller_SkipUac_hmayt - (.IObit.) -- C:\Windows\System32\Tasks\Uninstaller_SkipUac_hmayt [2496] ©
O39 - APT: Uninstaller_SkipUac_simo - (.IObit.) -- C:\Windows\System32\Tasks\Uninstaller_SkipUac_simo [2490] ©

---\\ Process running (61) - 5s
[MD5.F02CBF8A4A7D1F62B2B9AED7388DAE3E] - (.IObit - Advanced SystemCare Service.) -- C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [946976] [PID.1140] ©
[MD5.6E4A1DBDF11BC7D1574A866614C19D57] - (.ESET - ESET Service.) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2505472] [PID.1372] ©
[MD5.9C90C69711A7A0518BA0EF1EE04E5FE3] - (.AMD - AMD External Events Service Module.) -- C:\Windows\System32\atiesrxx.exe [255512] [PID.1720] ©
[MD5.2456CAA57C1DBF8DD4AAB89A293F9F26] - (.Hewlett-Packard Company - HpService.) -- C:\Windows\System32\Hpservice.exe [54448] [PID.1880] ©
[MD5.ABEDA1577FDE088A887E305BC43B1B76] - (.Realtek Semiconductor - Realtek Audio Service.) -- C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [303360] [PID.1944] ©
[MD5.B048C87A82322C06F0F22C7627D60B57] - (.Acronis - File Level CDP Manager Service.) -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [4463960] [PID.2564] ©
[MD5.4FE5C6D40664AE07BE5105874357D2ED] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [57008] [PID.2584] ©
[MD5.EBBCD5DFBB1DE70E8F4AF8FA59E401FD] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [462184] [PID.2592] ©
[MD5.B12D8F8A42080B955D027EE56F5BD1C3] - (.Advanced Micro Devices, Inc. - AMD Fuel Service.) -- C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064] [PID.2624] ©
[MD5.0F6A17DC2DA7CFF449C9293CB772DAD5] - (.Adobe Systems Incorporated - Adobe Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [680112] [PID.2772] ©
[MD5.5100AE7C075C9436E9DD45F96A4A74FC] - (.IObit - Product Updater.) -- C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2934048] [PID.2864] ©
[MD5.FE18DDEA98D90DBF850AFCA0158ABEC8] - (.Copyright (C) 2014 David Carpenter - Everything.) -- C:\Program Files\Everything\Everything.exe [1441792] [PID.2920] ©
[MD5.B2E0C6FD6CA1B5EBC4E8DB8C674A661B] - (.Malwarebytes Corporation - Malwarebytes Anti-Exploit Service.) -- C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [713016] [PID.2948] ©
[MD5.86701B8E4C53280AA8642AC85F8500F4] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160] [PID.3024] ©
[MD5.13EFD6BFACB707457A42B25E06AD0421] - (.Winstep Software Technologies - Winstep Xtreme Helper Service.) -- C:\Program Files (x86)\Winstep\WsxService.exe [377344] [PID.3060] ©
[MD5.2AA61246A5B813C1B12BCCFAA6F23DD8] - (.TeamViewer GmbH - TeamViewer 10.) -- C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416] [PID.2376] ©
[MD5.3EEDF446E29B6B8F7AD5AFA59B84800B] - (.Synaptics Incorporated - 64-bit Synaptics Pointing Enhance Service.) -- C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246472] [PID.2488] ©
[MD5.E27891A49DF92004041FEC5C3A2D4230] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120] [PID.3044] ©
[MD5.E1768C436DF49E0A0F8CB9DC57BDA73B] - (.Malwarebytes Corporation - Malwarebytes Anti-Exploit 64bit tasks.) -- C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe [359736] [PID.3516] ©
[MD5.CB5A8B34FA37AE53053F2D3DF05AC1E6] - (.Hewlett-Packard Company - HP Support Solutions Framework Service.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [25800] [PID.8036] ©
[MD5.1173C0D87C37D145D65E2750875B721F] - (.Acronis - TrueImage Sync Agent Service.) -- C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [7637744] [PID.7996] ©
[MD5.7B7DE6B3DC30F3246958F42C67A6F7BB] - (.Hewlett-Packard Company - HP Software Framework WMI Service.) -- C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [1102472] [PID.4952] ©
[MD5.A40DD975A9B3A51886FF22263A2748CC] - (.DEVGURU Co., LTD. - MSS CS Connectivity Service.) -- C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [745224] [PID.9652] ©
[MD5.A0292CA9345D1E52C29DC8D75AC66E73] - (.AMD - AMD External Events Client Module.) -- C:\Windows\System32\atieclxx.exe [681496] [PID.756] ©
[MD5.D0A518D233620D59A3D2D79511FBB736] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe [6212408] [PID.4052] ©
[MD5.96F8EBDA7375B62C99616D8A54D03133] - (.ESET - ESET Main GUI.) -- C:\Program Files\ESET\ESET Smart Security\egui.exe [5521608] [PID.6840] ©
[MD5.E5F46B921DA34C804DBBD012591A6A8B] - (.IObit - Performance Monitor.) -- C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe [1514784] [PID.10584] ©
[MD5.7760A39EB14E40C81E30DE19498A4AE8] - (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624] [PID.4616] ©
[MD5.84222E8F33BB6080953F130D246BB78B] - (.Synaptics Incorporated - Synaptics TouchPad 64-bit Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136] [PID.6284] ©
[MD5.015BE8DC7A551728CEFD5DD96EE14E80] - (.Synaptics Incorporated - Synaptics Pointing Device Helper.) -- C:\PROGRAM FILES\SYNAPTICS\SynTP\SYNTPHELPER.EXE [210120] [PID.4304] ©
[MD5.9B0269A0D6883D0BE4CCF4BE1895A1DE] - (.Acronis - Acronis Scheduler Helper.) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [503856] [PID.10488] ©
[MD5.CD2B9C68387298BF4EFA7822C7D38275] - (.Realtek Semiconductor - إدارة صوت Realtek HD.) -- C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8505088] [PID.4456] ©
[MD5.FE18DDEA98D90DBF850AFCA0158ABEC8] - (.Copyright (C) 2014 David Carpenter - Everything.) -- C:\Program Files\Everything\Everything.exe [1441792] [PID.9836] ©
[MD5.068E34C56209B82138848B7F9DE6B987] - (.Winstep Software Technologies - NeXuS.) -- C:\Program Files (x86)\Winstep\Nexus.exe [18378880] [PID.11080] ©
[MD5.7DFCCC67990B6DE7F30F553A4E4612A4] - (...) -- C:\Program Files (x86)\RocketDock\RocketDock.exe [495616] [PID.8680]
[MD5.BDAE453D2EBCCDE40FC17F3094A43E29] - (.AppEx Networks Corporation - AMD Quick Stream.) -- C:\Program Files\AMD Quick Stream\AMDQuickStream.exe [488640] [PID.7340] ©
[MD5.84199957C831290C3D8ED9867C18BA84] - (.IObit - Advanced SystemCare 9.) -- C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe [2009376] [PID.10512] ©
[MD5.5881014FEADC6E65C08586D6E33CB8C7] - (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3907152] [PID.1960] ©
[MD5.6895FB18F7E3A58E40F124A329D48345] - (.FastStone Soft - FastStone Capture.) -- C:\Program Files (x86)\FastStone Capture\FSCapture.exe [1413632] [PID.5820] ©
[MD5.90F08C914B0492762B6A8A99703FFA2E] - (.Malwarebytes Corporation - Malwarebytes Anti-Exploit.) -- C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2620728] [PID.4324] ©
[MD5.F4BC46AD4FC1F2F3372EBF8505D00436] - (.Hewlett-Packard Company - Hp Accelerometer System Tray.) -- C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe [127528] [PID.9820] ©
[MD5.F0D778624E6F3A67034E3958208B2DFC] - (...) -- C:\Program Files (x86)\DFX\DFX.exe [1274840] [PID.6856]
[MD5.E9C6EF9437ECB30911488F9313AD821A] - (.Tonec Inc. - Internet Download Manager agent for click m.) -- C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe [269848] [PID.5320] ©
[MD5.13D47B1FCE71DE8B8B95F6AFC3166852] - (.Advanced Micro Devices Inc. - Catalyst Control Center: Monitoring program.) -- C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe [307400] [PID.3244] ©
[MD5.B6763544ECC204767E3222ACE4FBFBFE] - (.Copyright © 2013 FXsound.com, a subsidiary of Power T - DFX.) -- C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp32.exe [130520] [PID.780]
[MD5.C46C5CE5A5494B6A25D53A5D1A3B599B] - (.Copyright © 2013 FXsound.com, a subsidiary of Power T - DFX.) -- C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp64.exe [132056] [PID.6544]
[MD5.75C70C96EB10E792CF4463230954B5FE] - (...) -- C:\Program Files (x86)\DFX\Universal\Apps\dfxItunesSong.exe [167384] [PID.10576]
[MD5.942E02374F3AE65175EF6FAC30C9246E] - (.Advanced Micro Devices Inc. - Catalyst Control Center: Host application.) -- C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe [307912] [PID.5784] ©
[MD5.6D32B2F4BF39B6BF6E3EF5CB9362E2F5] - (.IObit - IObit Uninstaller 5 UninstallMontior.) -- C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe [260896] [PID.8312] ©
[MD5.0BE64FAB577BFA54443C680343AEC85F] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [811848] [PID.2224] ©
[MD5.0BE64FAB577BFA54443C680343AEC85F] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [811848] [PID.7216] ©
[MD5.0BE64FAB577BFA54443C680343AEC85F] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [811848] [PID.5740] ©
[MD5.0BE64FAB577BFA54443C680343AEC85F] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [811848] [PID.4636] ©
[MD5.0BE64FAB577BFA54443C680343AEC85F] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [811848] [PID.11100] ©
[MD5.0BE64FAB577BFA54443C680343AEC85F] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [811848] [PID.3140] ©
[MD5.0BE64FAB577BFA54443C680343AEC85F] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [811848] [PID.7312] ©
[MD5.A1D21F1E7E9B27075217DF9AF1056F1F] - (.AVM Software Inc. - Paltalk Messenger.) -- C:\Program Files (x86)\Paltalk Messenger\paltalk.exe [8345568] [PID.6516]
[MD5.D8A7BCC40B5E8C130A97D922327ADBDB] - (.BEMBARKA - Al-Manara.) -- S:\Paltalk\paltalk program\Al-Manara 11.4.0\Al-Manara 11.4.0\Al-Manara 11.4.0\Al-Manara.exe [605696] [PID.4596]
[MD5.0BE64FAB577BFA54443C680343AEC85F] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [811848] [PID.4544] ©
[MD5.0BE64FAB577BFA54443C680343AEC85F] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [811848] [PID.5164] ©
[MD5.640F63E36FA89D9306961D68DF000AF1] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\hmayt\Desktop\ZHPDiag3.exe [1968128] [PID.7708] ©

---\\ Google Chrome, Start,Search,Extensions (18) - 1s
G0 - GCSP: Secure Preferences [User Data\Default][HomePage] http://www.facebook.es
G0 - GCSP: Secure Preferences [User Data\Default][HomePage] http://www.google.es
G2 - GCE: Preference [User Data\Default] [aohghmighlieiainnegkcijnfilokake]Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf]Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo]Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [cfhdojbkjhnklbpkdaibdccddilifddb]__MSG_name__
G2 - GCE: Preference [User Data\Default] [cnlojoclkbpmfhakhaagjpjfifbaoadf]IDM Integration Module Extension
G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf]Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [dchhalahcjpkabdgonjhoogdcipienhf]ZenMate - IP & Browser Check
G2 - GCE: Preference [User Data\Default] [elioihkkcdgakfbahdoddophfngopipi]Photo Zoom for Facebook
G2 - GCE: Preference [User Data\Default] [fdcgdnkidjaadafnichfpabhfomcebme]Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [fiombgjlkfpdpkbhfioofeeinbehmajg]__MSG_word_title__
G2 - GCE: Preference [User Data\Default] [ibfeeihclloofhfeghlpfgcemjnmebba]Radios de España
G2 - GCE: Preference [User Data\Default] [iljojpiodmlhoehoecppliohmplbgeij]Kami (formerly Notable PDF)
G2 - GCE: Preference [User Data\Default] [lnkdbjbjpnpjeciipoaflmpcddinpjjp]SmartVideo For YouTube™
G2 - GCE: Preference [User Data\Default] [ngpampappnmepgilojfohadhhmbhlaek]IDM Integration Module
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda]Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia]Google Chrome manifest =>.Google Inc.

---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (7) - 1s
M0 - MFSP: prefs.js [simo - 3hpt4ns8.default] https://www.google.es/?gws_rd=ssl
P2 - EXT FILE: (...) -- C:\Users\hmayt\AppData\Roaming\Mozilla\Firefox\Profiles\3hpt4ns8.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
P2 - EXT FILE: (...) -- C:\Users\hmayt\AppData\Roaming\Mozilla\Firefox\Profiles\3hpt4ns8.default\extensions\{e8f509f0-b677-11de-8a39-0800200c9a66}.xpi
P2 - EXT: (.Mozilla - Default.) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ©
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll ©
P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (.Apple Inc..) -- C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ©
P2 - FPN: [HKLM] [@microsoft.com/OfficeAuthz,version=14.0] - (.Microsoft.) -- C:\PROGRA~2\Microsoft Office\Office14\NPAUTHZ.DLL ©

---\\ Internet Explorer Extensions, Start, Search (18) - 1s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.es
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = preserve
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 1
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 1

---\\ Internet Explorer, Proxy Management (5) - 0s
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

---\\ Line Analysis, IniFiles, Auto loading programs (3) - 0s
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe (.Microsoft Corporation.) ©
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.) ©
F2 - REG:system.ini: VMApplet=

---\\ Hosts file redirection (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (87)

---\\ Browser Helper Object (BHO) (4) - 0s
O2 - BHO: IDM Helper [64Bits] - {0055C089-8582-441B-A0BF-17B458C2A3A8} . (.Internet Download Manager, Tonec Inc. - IDM Browser Helper Object.) -- C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll ©
O2 - BHO: Groove GFS Browser Helper [64Bits] - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} (Orphean)
O2 - BHO: SkypeIEPluginBHO [64Bits] - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Microsoft Corporation - Skype Click to Call IE Add-on.) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll ©
O2 - BHO: (no name) [64Bits] - {B4F3A835-0E21-4959-BA22-42B3008E02FF} (Orphean)

---\\ Auto loading programs from Registry and folders (26) - 1s
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe ©
O4 - HKLM\..\Run: [CanonMyPrinter] . (.CANON INC. - Canon My Printer.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE ©
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] . (.Acronis - Acronis Scheduler Helper.) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe ©
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - إدارة صوت Realtek HD.) -- C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe ©
O4 - HKLM\..\Run: [Everything] . (.Copyright (C) 2014 David Carpenter - Everything.) -- C:\Program Files\Everything\Everything.exe ©
O4 - HKCU\..\Run: [Nexus] . (.Winstep Software Technologies - NeXuS.) -- C:\Program Files (x86)\Winstep\Nexus.exe ©
O4 - HKCU\..\Run: [RocketDock.exe] . (...) -- C:\Program Files (x86)\RocketDock\RocketDock.exe
O4 - HKCU\..\Run: [AppEx Accelerator UI] . (.AppEx Networks Corporation - AMD Quick Stream.) -- C:\Program Files\AMD Quick Stream\AMDQuickStream.exe ©
O4 - HKLM\..\Wow6432Node\Run: [Malwarebytes Anti-Exploit] . (.Malwarebytes Corporation - Malwarebytes Anti-Exploit.) -- C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe ©
O4 - HKLM\..\Wow6432Node\Run: [CanonSolutionMenuEx] . (.CANON INC. - Canon Solution Menu EX.) -- C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE ©
O4 - HKLM\..\Wow6432Node\Run: [Adobe Creative Cloud] . (.Adobe Systems Incorporated - Adobe Creative Cloud.) -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ©
O4 - HKLM\..\Wow6432Node\Run: [AcronisTibMounterMonitor] . (.Acronis International GmbH - Acronis TIB Mounter Monitor.) -- C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe ©
O4 - HKLM\..\Wow6432Node\Run: [AccelerometerSysTrayApplet] . (.Hewlett-Packard Company - Hp Accelerometer System Tray.) -- C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe ©
O4 - HKLM\..\Wow6432Node\Run: [DFX] . (...) -- C:\Program Files (x86)\DFX\DFX.exe
O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe ©
O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe ©
O4 - HKLM\..\Wow6432Node\Run: [TrueImageMonitor.exe] . (...) -- C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe ©
O4 - HKLM\..\Wow6432Node\Run: [Wallpapers Bot] . (.Teriks Group Corp. - WallapersBot.) -- C:\Program Files (x86)\Wallpapers Bot\wallpapers_bot.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe ©
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive Setup.) -- C:\Windows\SysWOW64\OneDriveSetup.exe ©
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive Setup.) -- C:\Windows\SysWOW64\OneDriveSetup.exe ©
O4 - HKUS\S-1-5-21-928329678-3722016517-1667823006-1001\..\Run: [Nexus] . (.Winstep Software Technologies - NeXuS.) -- C:\Program Files (x86)\Winstep\Nexus.exe ©
O4 - HKUS\S-1-5-21-928329678-3722016517-1667823006-1001\..\Run: [RocketDock.exe] . (...) -- C:\Program Files (x86)\RocketDock\RocketDock.exe
O4 - HKUS\S-1-5-21-928329678-3722016517-1667823006-1001\..\Run: [AppEx Accelerator UI] . (.AppEx Networks Corporation - AMD Quick Stream.) -- C:\Program Files\AMD Quick Stream\AMDQuickStream.exe ©

---\\ Lop.com/Domain Hijackers (2) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.30.30.23
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 10.30.30.23

---\\ Extra protocols (24) - 0s
O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - عارض Microsoft (R) HTML.) -- C:\Windows\SysWOW64\mshtml.dll ©
O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - ملحقات OLE32 لـ Win32.) -- C:\Windows\SysWOW64\urlmon.dll ©
O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\SysWOW64\MSVidCtl.dll ©
O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - ملحقات OLE32 لـ Win32.) -- C:\Windows\SysWOW64\urlmon.dll ©
O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - ملحقات OLE32 لـ Win32.) -- C:\Windows\SysWOW64\urlmon.dll ©
O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - ملحقات OLE32 لـ Win32.) -- C:\Windows\SysWOW64\urlmon.dll ©
O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - ملحقات OLE32 لـ Win32.) -- C:\Windows\SysWOW64\urlmon.dll ©
O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\SysWOW64\itss.dll ©
O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - عارض Microsoft (R) HTML.) -- C:\Windows\SysWOW64\mshtml.dll ©
O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - ملحقات OLE32 لـ Win32.) -- C:\Windows\SysWOW64\urlmon.dll ©
O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - عارض Microsoft (R) HTML.) -- C:\Windows\SysWOW64\mshtml.dll ©
O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\SysWOW64\inetcomm.dll ©
O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - ملحقات OLE32 لـ Win32.) -- C:\Windows\SysWOW64\urlmon.dll ©
O18 - Handler: ms-help [64Bits] - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll ©
O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\SysWOW64\itss.dll ©
O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - عارض Microsoft (R) HTML.) -- C:\Windows\SysWOW64\mshtml.dll ©
O18 - Handler: skypec2c [64Bits] - {91774881-D725-4E58-B298-07617B9B86A8} . (.Microsoft Corporation - Skype Click to Call IE Add-on.) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll ©
O18 - Handler: tbauth [64Bits] - {14654CA6-5711-491D-B89A-58E571679951} . (.Microsoft Corporation - TBAuth protocol handler.) -- C:\Windows\SysWOW64\tbauth.dll ©
O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\SysWOW64\MSVidCtl.dll ©
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - عارض Microsoft (R) HTML.) -- C:\Windows\SysWOW64\mshtml.dll ©
O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\SysWOW64\mscoree.dll ©
O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\SysWOW64\mscoree.dll ©
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\SysWOW64\mscoree.dll ©
O18 - Filter: text/xml [64Bits] - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL ©

---\\ Software installed (126) - 45s
O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKCU][64Bits] -- uTorrent
O42 - Logiciel: 7-Zip 9.20 - (...) [HKLM][64Bits] -- 7-Zip
O42 - Logiciel: Acoustica Mixcraft Pro Studio 7 (64-bit) - (.Acoustica.) [HKLM][64Bits] -- Mixcraft 7-64 ©
O42 - Logiciel: Acronis True Image 2016 - (.Acronis.) [HKLM][64Bits] -- {5E5999D7-85DD-4B82-B48B-5F60BDFAC502} ©
O42 - Logiciel: Acronis True Image 2016 - (.Acronis.) [HKLM][64Bits] -- {5E5999D7-85DD-4B82-B48B-5F60BDFAC502}Visible ©
O42 - Logiciel: Adobe Acrobat Reader DC - Español - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1034-7B44-AC0F074E4100} ©
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {0274D240-4D1D-4FDA-9A36-09F0BECD288F} ©
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe AIR ©
O42 - Logiciel: Adobe Creative Cloud - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Creative Cloud ©
O42 - Logiciel: Adobe Flash Player 19 NPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player NPAPI ©
O42 - Logiciel: Adobe Flash Player 19 PPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player PPAPI ©
O42 - Logiciel: Adobe Photoshop CC 2014 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {D7A4F897-B20A-42D0-862D-CB5F6DB7391D} ©
O42 - Logiciel: Adobe Refresh Manager - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-0804-1033-1959-001824157129} ©
O42 - Logiciel: Advanced SystemCare 9 - (.IObit.) [HKLM][64Bits] -- Advanced SystemCare_is1 ©
O42 - Logiciel: Al-Resalah - (.Fajr El-islam .soft.) [HKLM][64Bits] -- Al-Resalah2.02
O42 - Logiciel: Al-Resalah - (.Fajr El-islam.) [HKLM][64Bits] -- Al-Resalah2.2
O42 - Logiciel: AMD Catalyst Install Manager - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {66AFB595-BC05-2913-7696-6D58F9B733E1} ©
O42 - Logiciel: AMD PRO Control Center - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {BDFBDA0C-2525-4EF1-85F4-78CC66D4F878} ©
O42 - Logiciel: AMD Quick Stream - (.AppEx Networks.) [HKLM][64Bits] -- {E9EED4AE-682B-4501-9574-D09A21717599}_is1 ©
O42 - Logiciel: AOMEI Partition Assistant Pro Edition 5.8 - (.AOMEI Technology Co., Ltd..) [HKLM][64Bits] -- {02F850ED-FD0E-4ED1-BE0B-5498165BF300}_is1
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM][64Bits] -- {2F72F540-1F60-4266-9506-952B21D6640D} ©
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM][64Bits] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} ©
O42 - Logiciel: Ashampoo Burning Studio 2015 v.1.15.3 - (.Ashampoo GmbH & Co. KG.) [HKLM][64Bits] -- {91B33C97-21E3-DF34-9630-2EE80DDE1648}_is1 ©
O42 - Logiciel: Aurora 3D Animation Maker version 14.07.21 - (.Aurora3D Software.) [HKLM][64Bits] -- {4F6B6582-B9F6-42B2-AAFC-48G097D07837}_is1
O42 - Logiciel: AutoPlay Media Studio 8 Trial - (.Indigo Rose Corporation.) [HKLM][64Bits] -- AutoPlay Media Studio 8 Trial
O42 - Logiciel: Ayat - (.UNKNOWN.) [HKLM][64Bits] -- {D1566597-887B-6FAB-A761-018A5D75D6EC}
O42 - Logiciel: Ayat - (.UNKNOWN.) [HKLM][64Bits] -- sa.edu.ksa.ayat
O42 - Logiciel: Bass Audio Decoder (remove only) - (...) [HKLM][64Bits] -- Bass Audio Decoder
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM][64Bits] -- {6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D} ©
O42 - Logiciel: Canon MP Navigator EX 5.0 - (...) [HKLM][64Bits] -- MP Navigator EX 5.0
O42 - Logiciel: Canon Solution Menu EX - (...) [HKLM][64Bits] -- CanonSolutionMenuEX
O42 - Logiciel: Catalyst Control Center - Branding - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {11087D24-567D-7D88-69C6-D7A08B5F4C47} ©
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner ©
O42 - Logiciel: Cisco EAP-FAST Module - (.Cisco Systems, Inc..) [HKLM][64Bits] -- {64BF0187-F3D2-498B-99EA-163AF9AE6EC9} ©
O42 - Logiciel: Cisco LEAP Module - (.Cisco Systems, Inc..) [HKLM][64Bits] -- {AF312B06-5C5C-468E-89B3-BE6DE2645722} ©
O42 - Logiciel: Cisco PEAP Module - (.Cisco Systems, Inc..) [HKLM][64Bits] -- {0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F} ©
O42 - Logiciel: Compatibilidad con Aplicaciones de Apple - (.Apple Inc..) [HKLM][64Bits] -- {5D09C772-ECB3-442B-9CC6-B4341C78FDC2} ©
O42 - Logiciel: Cool Record Edit Deluxe v8.6.1 - (.Copyright(C) 2005-2014 CoolMedia, Inc..) [HKLM][64Bits] -- Cool Record Edit Deluxe_is1
O42 - Logiciel: DCoder Image Source (remove only) - (...) [HKLM][64Bits] -- DCoder Image Source
O42 - Logiciel: DFX - (.Power Technology.) [HKLM][64Bits] -- DFX ©
O42 - Logiciel: DirectVobSub (remove only) - (...) [HKLM][64Bits] -- DirectVobSub
O42 - Logiciel: Driver Booster 3.0 - (.IObit.) [HKLM][64Bits] -- Driver Booster_is1 ©
O42 - Logiciel: Driver Magician 4.6 - (.GoldSolution Software, Inc..) [HKLM][64Bits] -- Driver Magician_is1
O42 - Logiciel: ESET Smart Security - (.ESET, spol. s r.o..) [HKLM][64Bits] -- {B21BD1BA-2717-4960-BAE4-39CFF7983019}
O42 - Logiciel: Everything 1.3.4.686 (x64) - (...) [HKLM][64Bits] -- Everything
O42 - Logiciel: FastStone Capture 8.0 - (.FastStone Soft.) [HKLM][64Bits] -- FastStone Capture ©
O42 - Logiciel: ffdshow v1.3.4533 [2014-09-29] - (...) [HKLM][64Bits] -- ffdshow_is1
O42 - Logiciel: Flash Memory Toolkit trial 2.01 - (.EFD Software.) [HKLM][64Bits] -- Flash Memory Toolkit trial_is1 ©
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome ©
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA} ©
O42 - Logiciel: Hewlett-Packard ACLM.NET v1.2.2.3 - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {6F340107-F9AA-47C6-B54C-C3A19F11553F} ©
O42 - Logiciel: HP 3D DriveGuard - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {E8D0E2B8-B64B-44BC-8E01-00DDACBDF78A} ©
O42 - Logiciel: HP Customer Experience Enhancements - (.Hewlett-Packard.) [HKLM][64Bits] -- {C9EF1AAF-B542-41C8-A537-1142DA5D4AEC} ©
O42 - Logiciel: HP Support Solutions Framework - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {1B27BDCF-4A5B-4D70-9590-7D50247DC1D4} ©
O42 - Logiciel: HP USB Disk Storage Format Tool - (...) [HKLM][64Bits] -- {0E0DF90C-D0BA-4C89-9262-AD78D1A3DE51}
O42 - Logiciel: HP Wireless Button Driver - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {941DE69D-6CEE-4171-8F1F-3D7E352AA498} ©
O42 - Logiciel: iFunbox (v3.0.3109.1352) - (.iFunbox DevTeam.) [HKLM][64Bits] -- iFunbox_is1 ©
O42 - Logiciel: Internet Download Manager - (.Tonec Inc..) [HKLM][64Bits] -- Internet Download Manager ©
O42 - Logiciel: IObit Uninstaller - (.IObit.) [HKLM][64Bits] -- IObitUninstall ©
O42 - Logiciel: iRoot - (.Shenzhen Xinyi Network Co.,Ltd..) [HKLM][64Bits] -- {1295E43F-382A-4CB2-9E0F-079C0D7401BB}_is1
O42 - Logiciel: ISO to USB - (.isotousb.com.) [HKLM][64Bits] -- {D08A30AC-A663-4EA8-8D81-B98E17F19F1C}_is1 ©
O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM][64Bits] -- {427174C0-096E-40D9-9684-9C109BEE2CBF} ©
O42 - Logiciel: Java 8 Update 65 - (.Oracle Corporation.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83218065F0} ©
O42 - Logiciel: Java 8 Update 66 - (.Oracle Corporation.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83218066F0} ©
O42 - Logiciel: Kit de instalación automatizada de Windows - (.Microsoft Corporation.) [HKLM][64Bits] -- {31E8F586-4EF7-4500-844D-BA8756474FF1} ©
O42 - Logiciel: Kodi - (.XBMC-Foundation.) [HKCU][64Bits] -- Kodi ©
O42 - Logiciel: LAV Filters 0.66.0-33 - (.Hendrik Leppkes.) [HKLM][64Bits] -- lavfilters_is1 ©
O42 - Logiciel: LINE - (.LINE Corporation.) [HKLM][64Bits] -- LINE ©
O42 - Logiciel: MadVR (remove only) - (...) [HKLM][64Bits] -- MadVR
O42 - Logiciel: Malwarebytes Anti-Exploit version 1.07.1.1015 - (.Malwarebytes.) [HKLM][64Bits] -- Malwarebytes Anti-Exploit_is1 ©
O42 - Logiciel: Malwarebytes Anti-Malware النسخة 2.2.0.1024 - (.Malwarebytes.) [HKLM][64Bits] -- Malwarebytes Anti-Malware_is1 ©
O42 - Logiciel: MEGAsync - (.Mega Limited.) [HKLM][64Bits] -- MEGAsync ©
O42 - Logiciel: Microsoft CAPICOM 2.1.0.2 SDK - (.Microsoft Corporation.) [HKLM][64Bits] -- {2FF43F5D-5729-4E02-A548-310E30A5F29B} ©
O42 - Logiciel: Mobizen - (.RSUPPORT.) [HKLM][64Bits] -- {BA0D3A44-BCEE-4C8B-BCD4-F7F1E64F41E3}
O42 - Logiciel: Mozilla Firefox 42.0 (x86 es-ES) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 42.0 (x86 es-ES) ©
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService ©
O42 - Logiciel: MSVCRT Redists - (.Sony Creative Software Inc..) [HKLM][64Bits] -- {24DB3A5E-0BC8-11E5-9A27-F04DA23A5C58} ©
O42 - Logiciel: MSVCRT Redists - (.Sony Creative Software Inc..) [HKLM][64Bits] -- {D66B7840-6A9B-11E4-8FED-F04DA23A5C58} ©
O42 - Logiciel: NewBlue Video Essentials VI for Windows - (.NewBlue.) [HKLM][64Bits] -- NewBlue Video Essentials VI for Windows ©
O42 - Logiciel: Nexus 15.9 - (...) [HKLM][64Bits] -- Winstep Xtreme_is1
O42 - Logiciel: NTLite v1.0.0.3363 Beta - (.Dino Nuhagic.) [HKLM][64Bits] -- NTLite_is1 ©
O42 - Logiciel: OEM Application Profile - (.Nombre de su organización.) [HKLM][64Bits] -- {B4B7FD8F-06FC-E277-4F29-8F75F8281D8F}
O42 - Logiciel: Paltalk Messenger 11.6 - (.AVM Software Inc..) [HKLM][64Bits] -- Paltalk Messenger
O42 - Logiciel: Process Hacker 2.36 (r6153) - (.wj32.) [HKLM][64Bits] -- Process_Hacker2_is1 ©
O42 - Logiciel: ProgDVB x64 - (.Prog.) [HKLM][64Bits] -- ProgDVB
O42 - Logiciel: pwpe8 - (.xzxzxz.) [HKLM][64Bits] -- {8A933683-6CD6-4319-AF04-4E4171FD088F}
O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM][64Bits] -- {3D9892BB-A751-4E48-ADC8-E4289956CE1D} ©
O42 - Logiciel: Raptr - (...) [HKLM][64Bits] -- Raptr
O42 - Logiciel: Realtek Ethernet Controller Driver - (.Realtek.) [HKLM][64Bits] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476} ©
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} ©
O42 - Logiciel: REALTEK Wireless LAN Driver - (.REALTEK Semiconductor Corp..) [HKLM][64Bits] -- {A5107464-AA9B-4177-8129-5FF2F42DD322} ©
O42 - Logiciel: Resource Hacker Version 4.2.5 - (...) [HKLM][64Bits] -- ResourceHacker_is1
O42 - Logiciel: RocketDock 1.3.5 - (.Punk Software.) [HKLM][64Bits] -- RocketDock_is1 ©
O42 - Logiciel: Samsung Kies - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- {758C8301-2696-4855-AF45-534B1200980A} ©
O42 - Logiciel: Samsung Kies - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- InstallShield_{758C8301-2696-4855-AF45-534B1200980A} ©
O42 - Logiciel: Samsung SideSync - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- Samsung SideSync ©
O42 - Logiciel: Samsung USB Driver for Mobile Phones - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- {D0795B21-0CDA-4a92-AB9E-6E92D8111E44} ©
O42 - Logiciel: Shark Mwssenger - (...) [HKLM][64Bits] -- Shark Mwssenger
O42 - Logiciel: Skype Click to Call - (.Microsoft Corporation.) [HKLM][64Bits] -- {6D1221A9-17BF-4EC0-81F2-27D30EC30701} ©
O42 - Logiciel: Skype™ 7.8 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {6A0549A9-1B96-498C-ACBC-3943001FEB19} ©
O42 - Logiciel: Smart Switch - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- {74FA5314-85C8-4E2A-907D-D9ECCCB770A7} ©
O42 - Logiciel: Smart Switch - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7} ©
O42 - Logiciel: Surfing Protection - (.IObit.) [HKLM][64Bits] -- IObit Surfing Protection_is1 ©
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM][64Bits] -- SynTPDeinstKey ©
O42 - Logiciel: TeamViewer 10 - (.TeamViewer.) [HKLM][64Bits] -- TeamViewer ©
O42 - Logiciel: TV 3L PC version 1.3.9.4 - (.Smart PC Soft, Ltd..) [HKLM][64Bits] -- {0BBD0F9C-12E5-456A-A6FC-372324F3D082}_is1
O42 - Logiciel: UltraISO Premium V9.53 - (...) [HKLM][64Bits] -- UltraISO_is1
O42 - Logiciel: URL Helper - (...) [HKLM][64Bits] -- URL Helper_is1
O42 - Logiciel: Vegas Pro 13.0 (64-bit) - (.Sony.) [HKLM][64Bits] -- {204DC300-0BC8-11E5-B87F-F04DA23A5C58} ©
O42 - Logiciel: Viber - (.Viber Media Inc..) [HKCU][64Bits] -- {e577cb09-2068-44fb-8eed-cfcc1617b010}
O42 - Logiciel: Viber - (.Viber Media Inc..) [HKLM][64Bits] -- {703E9CCF-0578-4AF0-B1F7-90368CFDC8DD}
O42 - Logiciel: Virtual Audio Cable 4.10 - (...) [HKLM][64Bits] -- Virtual Audio Cable 4.10
O42 - Logiciel: Virtual Audio Streaming 4.0 - (.ShiningMorning LLC..) [HKLM][64Bits] -- {B9FDEDF1-DD77-42BD-B2BD-ABCB30655C73}_is1
O42 - Logiciel: Visual Studio 2012 x64 Redistributables - (.AVG Technologies.) [HKLM][64Bits] -- {8C775E70-A791-4DA8-BCC3-6AB7136F4484} ©
O42 - Logiciel: Visual Studio 2012 x86 Redistributables - (.AVG Technologies CZ, s.r.o..) [HKLM][64Bits] -- {98EFF19A-30AB-4E4B-B943-F06B1C63EBF8} ©
O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM][64Bits] -- VLC media player ©
O42 - Logiciel: Wallpapers Bot - (.DK Digital Labs.) [HKLM][64Bits] -- Wallpapers Bot
O42 - Logiciel: WebcamMax - (...) [HKLM][64Bits] -- WebcamMax
O42 - Logiciel: Windows 10 Manager - (.Yamicsoft.) [HKLM][64Bits] -- {F3E2FAA7-1048-4988-B726-45627EE1FB80} ©
O42 - Logiciel: Windows 7 USB/DVD Download Tool - (.Microsoft Corporation.) [HKLM][64Bits] -- {CCF298AF-9CE1-4B26-B251-486E98A34789} ©
O42 - Logiciel: WinPcap 4.1.1 - (.CACE Technologies.) [HKLM][64Bits] -- WinPcapInst ©
O42 - Logiciel: WinRAR 5.21 (64-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver ©
O42 - Logiciel: WinSetupFromUSB - (...) [HKCU][64Bits] -- WinSetupFromUSB
O42 - Logiciel: WinToUSB version 2.3 - (.The EasyUEFI Development Team..) [HKLM][64Bits] -- WinToUSB_is1
O42 - Logiciel: Xilisoft Video Convertidor Ultimate - (.Xilisoft.) [HKCU][64Bits] -- Xilisoft Video Convertidor Ultimate ©
O42 - Logiciel: Zoom Player (remove only) - (.Inmatrix LTD.) [HKLM][64Bits] -- ZoomPlayer

---\\ HKCU & HKLM Software Keys (187) - 46s
HKLM\SOFTWARE\Wow6432Node\7-Zip
HKLM\SOFTWARE\Wow6432Node\Acoustica
HKLM\SOFTWARE\Wow6432Node\Acronis
HKLM\SOFTWARE\Wow6432Node\Adobe
HKLM\SOFTWARE\Wow6432Node\Advanced Micro Devices, Inc.
HKLM\SOFTWARE\Wow6432Node\AdwCleaner
HKLM\SOFTWARE\Wow6432Node\AMD
HKLM\SOFTWARE\Wow6432Node\Apple Computer, Inc.
HKLM\SOFTWARE\Wow6432Node\Apple Inc.
HKLM\SOFTWARE\Wow6432Node\Ashampoo
HKLM\SOFTWARE\Wow6432Node\ATI
HKLM\SOFTWARE\Wow6432Node\ATI Technologies
HKLM\SOFTWARE\Wow6432Node\Avg
HKLM\SOFTWARE\Wow6432Node\AVG Tuneup
HKLM\SOFTWARE\Wow6432Node\AVG Web TuneUp =>Toolbar.AVGSafeGuard
HKLM\SOFTWARE\Wow6432Node\Canon
HKLM\SOFTWARE\Wow6432Node\CDDB
HKLM\SOFTWARE\Wow6432Node\Cygnus Solutions
HKLM\SOFTWARE\Wow6432Node\DFX
HKLM\SOFTWARE\Wow6432Node\DirectShowFilters
HKLM\SOFTWARE\Wow6432Node\EasyBoot Systems
HKLM\SOFTWARE\Wow6432Node\ESET
HKLM\SOFTWARE\Wow6432Node\GN2
HKLM\SOFTWARE\Wow6432Node\GNU
HKLM\SOFTWARE\Wow6432Node\Google
HKLM\SOFTWARE\Wow6432Node\Hewlett-Packard
HKLM\SOFTWARE\Wow6432Node\Hewlett-Packard Company
HKLM\SOFTWARE\Wow6432Node\IM Providers
HKLM\SOFTWARE\Wow6432Node\Inmatrix
HKLM\SOFTWARE\Wow6432Node\Intel
HKLM\SOFTWARE\Wow6432Node\Internet Download Manager
HKLM\SOFTWARE\Wow6432Node\IObit
HKLM\SOFTWARE\Wow6432Node\JavaSoft
HKLM\SOFTWARE\Wow6432Node\JreMetrics
HKLM\SOFTWARE\Wow6432Node\Khronos
HKLM\SOFTWARE\Wow6432Node\Licenses
HKLM\SOFTWARE\Wow6432Node\LINE Corporation
HKLM\SOFTWARE\Wow6432Node\LogMeInRescueCallingCard
HKLM\SOFTWARE\Wow6432Node\Macromedia
HKLM\SOFTWARE\Wow6432Node\Malwarebytes Anti-Exploit
HKLM\SOFTWARE\Wow6432Node\Malwarebytes' Anti-Malware
HKLM\SOFTWARE\Wow6432Node\MimarSinan
HKLM\SOFTWARE\Wow6432Node\Mozilla
HKLM\SOFTWARE\Wow6432Node\mozilla.org
HKLM\SOFTWARE\Wow6432Node\MozillaPlugins
HKLM\SOFTWARE\Wow6432Node\MT Solution
HKLM\SOFTWARE\Wow6432Node\Naver
HKLM\SOFTWARE\Wow6432Node\NewBlue
HKLM\SOFTWARE\Wow6432Node\NHN Corporation
HKLM\SOFTWARE\Wow6432Node\Nuance
HKLM\SOFTWARE\Wow6432Node\ODBC
HKLM\SOFTWARE\Wow6432Node\Opera Software
HKLM\SOFTWARE\Wow6432Node\PM
HKLM\SOFTWARE\Wow6432Node\PowerTechnology
HKLM\SOFTWARE\Wow6432Node\Raptr
HKLM\SOFTWARE\Wow6432Node\Realtek
HKLM\SOFTWARE\Wow6432Node\REALTEK Semiconductor Corp.
HKLM\SOFTWARE\Wow6432Node\RtWLan
HKLM\SOFTWARE\Wow6432Node\Samsung
HKLM\SOFTWARE\Wow6432Node\Skype
HKLM\SOFTWARE\Wow6432Node\Sony Creative Software
HKLM\SOFTWARE\Wow6432Node\TeamViewer
HKLM\SOFTWARE\Wow6432Node\Ubisoft
HKLM\SOFTWARE\Wow6432Node\VideoLAN
HKLM\SOFTWARE\Wow6432Node\VMware, Inc.
HKLM\SOFTWARE\Wow6432Node\Wallpapers Bot
HKLM\SOFTWARE\Wow6432Node\WebcamMax
HKLM\SOFTWARE\Wow6432Node\WinPcap
HKLM\SOFTWARE\Wow6432Node\Wow6432Node
HKLM\SOFTWARE\Wow6432Node\wtu
HKLM\SOFTWARE\Wow6432Node\XinYi Network
HKLM\SOFTWARE\Wow6432Node\Yahoo
HKLM\SOFTWARE\Wow6432Node\Zemana
HKLM\SOFTWARE\Wow6432Node\RegisteredApplications
HKCU\SOFTWARE\7-Zip
HKCU\SOFTWARE\8322898
HKCU\SOFTWARE\Acoustica
HKCU\SOFTWARE\Acronis
HKCU\SOFTWARE\Adobe
HKCU\SOFTWARE\Advanced Micro Devices, Inc.
HKCU\SOFTWARE\Akeo Consulting
HKCU\SOFTWARE\AppDataLow
HKCU\SOFTWARE\AppEx Networks
HKCU\SOFTWARE\Apple Computer, Inc.
HKCU\SOFTWARE\Apple Inc.
HKCU\SOFTWARE\Applications WinDev
HKCU\SOFTWARE\Applied Acoustics Systems
HKCU\SOFTWARE\Ashampoo
HKCU\SOFTWARE\ATI
HKCU\SOFTWARE\Avg
HKCU\SOFTWARE\AVG Web TuneUp =>Toolbar.AVGSafeGuard
HKCU\SOFTWARE\BeatRig
HKCU\SOFTWARE\BitTorrent
HKCU\SOFTWARE\C-Media
HKCU\SOFTWARE\Camfrog
HKCU\SOFTWARE\Canon
HKCU\SOFTWARE\CanonBJ
HKCU\SOFTWARE\Caphyon
HKCU\SOFTWARE\Code Sector
HKCU\SOFTWARE\Cool Record Edit Deluxe
HKCU\SOFTWARE\Crystal Reality
HKCU\SOFTWARE\Cygnus Solutions
HKCU\SOFTWARE\DFX
HKCU\SOFTWARE\Digimarc
HKCU\SOFTWARE\DirectShow
HKCU\SOFTWARE\DownloadManager
HKCU\SOFTWARE\Driver Magician
HKCU\SOFTWARE\drpsu
HKCU\SOFTWARE\DSP-worx
HKCU\SOFTWARE\dx20120105
HKCU\SOFTWARE\EasyBoot Systems
HKCU\SOFTWARE\EFD Software
HKCU\SOFTWARE\ESET
HKCU\SOFTWARE\Gabest
HKCU\SOFTWARE\GN2
HKCU\SOFTWARE\GNU
HKCU\SOFTWARE\Golden Frog, GmbH.
HKCU\SOFTWARE\Google
HKCU\SOFTWARE\GreenTree Applications
HKCU\SOFTWARE\GRETECH
HKCU\SOFTWARE\Hewlett-Packard
HKCU\SOFTWARE\HT
HKCU\SOFTWARE\i-FunBox.com
HKCU\SOFTWARE\IDeskSoft
HKCU\SOFTWARE\IM Providers
HKCU\SOFTWARE\initex software
HKCU\SOFTWARE\IObit
HKCU\SOFTWARE\iZotope
HKCU\SOFTWARE\JavaSoft
HKCU\SOFTWARE\Kodi
HKCU\SOFTWARE\LAV
HKCU\SOFTWARE\Local AppWizard-Generated Applications
HKCU\SOFTWARE\Macromedia
HKCU\SOFTWARE\MiniTool Solution Ltd.
HKCU\SOFTWARE\Mozilla
HKCU\SOFTWARE\MozillaPlugins
HKCU\SOFTWARE\MyLanViewer
HKCU\SOFTWARE\Netscape
HKCU\SOFTWARE\NewBlue
HKCU\SOFTWARE\ODBC
HKCU\SOFTWARE\Opera Software
HKCU\SOFTWARE\Paltalk
HKCU\SOFTWARE\Partition Assistant
HKCU\SOFTWARE\PC SOFT
HKCU\SOFTWARE\Piriform
HKCU\SOFTWARE\ProtectedData
HKCU\SOFTWARE\pth264
HKCU\SOFTWARE\QtProject
HKCU\SOFTWARE\Raptr
HKCU\SOFTWARE\Realtek
HKCU\SOFTWARE\redsn0w
HKCU\SOFTWARE\RegisteredApplications
HKCU\SOFTWARE\RocketDock
HKCU\SOFTWARE\RootGenius
HKCU\SOFTWARE\RSUPPORT
HKCU\SOFTWARE\Samsung
HKCU\SOFTWARE\shark Messenger
HKCU\SOFTWARE\ShiningMorning
HKCU\SOFTWARE\Skype
HKCU\SOFTWARE\Sony Creative Software
HKCU\SOFTWARE\Synaptics
HKCU\SOFTWARE\Sysinternals
HKCU\SOFTWARE\TeamViewer
HKCU\SOFTWARE\Tencent =>PUP.Optional.TencentAddressBar
HKCU\SOFTWARE\Trolltech
HKCU\SOFTWARE\Ubisoft
HKCU\SOFTWARE\URLHelper
HKCU\SOFTWARE\uTorrentPlus
HKCU\SOFTWARE\VB and VBA Program Settings
HKCU\SOFTWARE\Viber
HKCU\SOFTWARE\VirtuaMedia
HKCU\SOFTWARE\VMware, Inc.
HKCU\SOFTWARE\Wallpapers Bot
HKCU\SOFTWARE\WinRAR
HKCU\SOFTWARE\WinRAR SFX
HKCU\SOFTWARE\WinSTEP2000
HKCU\SOFTWARE\Wow6432Node
HKCU\SOFTWARE\Xilisoft
HKCU\SOFTWARE\XinYi Network
HKCU\SOFTWARE\Yahoo
HKCU\SOFTWARE\Yamicsoft
HKCU\SOFTWARE\ZebHelpProcess Helper
HKCU\SOFTWARE\Zemana
HKCU\SOFTWARE\AppDataLow\Software
HKCU\SOFTWARE\AppDataLow\Software\JavaSoft
HKCU\SOFTWARE\AppDataLow\Software\MarkAny
HKCU\SOFTWARE\AppDataLow\Software\ThinPrint

---\\ Contents of the Common Files folders (405) - 34s
O43 - CFD: 18/10/2015 - [] D -- C:\Program Files (x86)\7-Zip
O43 - CFD: 27/09/2015 - [] D -- C:\Program Files (x86)\Acronis
O43 - CFD: 08/10/2015 - [] D -- C:\Program Files (x86)\Adobe
O43 - CFD: 10/10/2015 - [] D -- C:\Program Files (x86)\Al-Resalah
O43 - CFD: 14/08/2015 - [] D -- C:\Program Files (x86)\AMD
O43 - CFD: 18/10/2015 - [] D -- C:\Program Files (x86)\AMD PRO Control Center
O43 - CFD: 22/10/2015 - [] D -- C:\Program Files (x86)\AOMEI Partition Assistant Pro Edition 5.8
O43 - CFD: 02/08/2015 - [] D -- C:\Program Files (x86)\Ashampoo
O43 - CFD: 30/08/2015 - [] D -- C:\Program Files (x86)\Aurora3D
O43 - CFD: 02/08/2015 - [] D -- C:\Program Files (x86)\AutoPlay Media Studio 8 Trial
O43 - CFD: 08/10/2015 - [] D -- C:\Program Files (x86)\Ayat
O43 - CFD: 18/10/2015 - [] D -- C:\Program Files (x86)\Bass Audio Decoder
O43 - CFD: 19/08/2015 - [] D -- C:\Program Files (x86)\Bonjour
O43 - CFD: 04/08/2015 - [] D -- C:\Program Files (x86)\Canon
O43 - CFD: 05/10/2015 - [] D -- C:\Program Files (x86)\Cisco
O43 - CFD: 06/11/2015 - [] D -- C:\Program Files (x86)\Common Files
O43 - CFD: 02/08/2015 - [] D -- C:\Program Files (x86)\Cool Record Edit Deluxe
O43 - CFD: 18/10/2015 - [] D -- C:\Program Files (x86)\DCoder Image Source
O43 - CFD: 15/08/2015 - [] D -- C:\Program Files (x86)\DFX
O43 - CFD: 18/10/2015 - [] D -- C:\Program Files (x86)\DirectVobSub
O43 - CFD: 16/08/2015 - [] D -- C:\Program Files (x86)\Driver Magician
O43 - CFD: 02/08/2015 - [] D -- C:\Program Files (x86)\FastStone Capture
O43 - CFD: 18/10/2015 - [] D -- C:\Program Files (x86)\ffdshow
O43 - CFD: 29/10/2015 - [] D -- C:\Program Files (x86)\Flash Memory Toolkit
O43 - CFD: 22/10/2015 - [] D -- C:\Program Files (x86)\Google
O43 - CFD: 15/08/2015 - [] D -- C:\Program Files (x86)\Hewlett-Packard
O43 - CFD: 21/08/2015 - [] D -- C:\Program Files (x86)\HT
O43 - CFD: 30/08/2015 - [] D -- C:\Program Files (x86)\i-Funbox DevTeam
O43 - CFD: 08/10/2015 - [] HD -- C:\Program Files (x86)\InstallJammer Registry
O43 - CFD: 06/11/2015 - [] HD -- C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 17/08/2015 - [] D -- C:\Program Files (x86)\Internet Download Manager
O43 - CFD: 05/10/2015 - [] D -- C:\Program Files (x86)\Internet Explorer
O43 - CFD: 30/10/2015 - [] D -- C:\Program Files (x86)\IObit
O43 - CFD: 16/08/2015 - [] D -- C:\Program Files (x86)\iRoot
O43 - CFD: 08/08/2015 - [] D -- C:\Program Files (x86)\ISO to USB
O43 - CFD: 22/08/2015 - [] D -- C:\Program Files (x86)\iTunes
O43 - CFD: 01/11/2015 - [] D -- C:\Program Files (x86)\Java
O43 - CFD: 02/11/2015 - [] RSHD -- C:\Program Files (x86)\KK
O43 - CFD: 30/08/2015 - [] D -- C:\Program Files (x86)\Kodi
O43 - CFD: 02/11/2015 - [] D -- C:\Program Files (x86)\LAV Filters
O43 - CFD: 06/10/2015 - [] D -- C:\Program Files (x86)\LINE
O43 - CFD: 18/10/2015 - [] D -- C:\Program Files (x86)\MadVR
O43 - CFD: 08/08/2015 - [] D -- C:\Program Files (x86)\Malwarebytes Anti-Exploit
O43 - CFD: 06/11/2015 - [] D -- C:\Program Files (x86)\Malwarebytes Anti-Malware
O43 - CFD: 25/08/2015 - [] D -- C:\Program Files (x86)\MarkAny
O43 - CFD: 02/08/2015 - [] D -- C:\Program Files (x86)\Microsoft Analysis Services
O43 - CFD: 22/10/2015 - [] D -- C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2 SDK
O43 - CFD: 10/11/2015 - [] D -- C:\Program Files (x86)\Microsoft Office
O43 - CFD: 02/08/2015 - [] D -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
O43 - CFD: 02/08/2015 - [] D -- C:\Program Files (x86)\Microsoft Sync Framework
O43 - CFD: 02/08/2015 - [] D -- C:\Program Files (x86)\Microsoft Synchronization Services
O43 - CFD: 02/08/2015 - [] D -- C:\Program Files (x86)\Microsoft Visual Studio 8
O43 - CFD: 02/08/2015 - [] D -- C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 09/11/2015 - [] D -- C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 09/11/2015 - [] D -- C:\Program Files (x86)\Mozilla Maintenance Service
O43 - CFD: 02/08/2015 - [] D -- C:\Program Files (x86)\MSBuild
O43 - CFD: 04/08/2015 - [] D -- C:\Program Files (x86)\NewBlue
O43 - CFD: 21/08/2015 - [0] D -- C:\Program Files (x86)\NirSoft
O43 - CFD: 06/10/2015 - [] D -- C:\Program Files (x86)\Paltalk Messenger
O43 - CFD: 02/11/2015 - [] RSHD -- C:\Program Files (x86)\PW
O43 - CFD: 22/08/2015 - [] D -- C:\Program Files (x86)\QuickTime
O43 - CFD: 17/10/2015 - [] D -- C:\Program Files (x86)\Raptr
O43 - CFD: 05/10/2015 - [] D -- C:\Program Files (x86)\Realtek
O43 - CFD: 02/08/2015 - [] D -- C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 26/09/2015 - [] D -- C:\Program Files (x86)\Resource Hacker
O43 - CFD: 02/08/2015 - [] D -- C:\Program Files (x86)\RocketDock
O43 - CFD: 10/11/2015 - [] D -- C:\Program Files (x86)\RSUPPORT
O43 - CFD: 11/11/2015 - [] D -- C:\Program Files (x86)\Samsung
O43 - CFD: 10/11/2015 - [] D -- C:\Program Files (x86)\ScreenTask
O43 - CFD: 19/10/2015 - [] D -- C:\Program Files (x86)\Shark Mwssenger
O43 - CFD: 11/08/2015 - [] D -- C:\Program Files (x86)\ShiningMorning
O43 - CFD: 16/10/2015 - [] RD -- C:\Program Files (x86)\Skype
O43 - CFD: 04/08/2015 - [] D -- C:\Program Files (x86)\Sony
O43 - CFD: 24/10/2015 - [] D -- C:\Program Files (x86)\StreamingStar
O43 - CFD: 16/10/2015 - [] D -- C:\Program Files (x86)\TeamViewer
O43 - CFD: 05/10/2015 - [0] HD -- C:\Program Files (x86)\Temp
O43 - CFD: 30/08/2015 - [] D -- C:\Program Files (x86)\TopTv
O43 - CFD: 30/08/2015 - [] D -- C:\Program Files (x86)\TV 3L PC
O43 - CFD: 03/08/2015 - [] D -- C:\Program Files (x86)\UltraISO
O43 - CFD: 30/08/2015 - [] D -- C:\Program Files (x86)\VideoLAN
O43 - CFD: 22/10/2015 - [] D -- C:\Program Files (x86)\Wallpapers Bot
O43 - CFD: 02/08/2015 - [] D -- C:\Program Files (x86)\WebcamMax
O43 - CFD: 05/10/2015 - [] D -- C:\Program Files (x86)\Windows Defender
O43 - CFD: 10/07/2015 - [] D -- C:\Program Files (x86)\Windows Mail
O43 - CFD: 05/10/2015 - [] D -- C:\Program Files (x86)\Windows Media Player
O43 - CFD: 10/07/2015 - [] D -- C:\Program Files (x86)\Windows Multimedia Platform
O43 - CFD: 10/07/2015 - [] D -- C:\Program Files (x86)\Windows NT
O43 - CFD: 05/10/2015 - [] D -- C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 10/07/2015 - [] D -- C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 10/07/2015 - [] SHD -- C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 10/07/2015 - [] SD -- C:\Program Files (x86)\WindowsPowerShell
O43 - CFD: 24/10/2015 - [] D -- C:\Program Files (x86)\WinPcap
O43 - CFD: 04/10/2015 - [] D -- C:\Program Files (x86)\Winstep
O43 - CFD: 14/10/2015 - [] D -- C:\Program Files (x86)\Xilisoft
O43 - CFD: 18/10/2015 - [] D -- C:\Program Files (x86)\Zoom Player
O43 - CFD: 18/10/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
O43 - CFD: 05/10/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 10/07/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 09/08/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis
O43 - CFD: 10/07/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 30/10/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare
O43 - CFD: 09/10/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
O43 - CFD: 09/10/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved
O43 - CFD: 18/10/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD PRO Control Center
O43 - CFD: 09/10/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Quick Stream
O43 - CFD: 10/10/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOMEI Partition Assistant Pro Edition 5.8
O43 - CFD: 02/08/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
O43 - CFD: 30/08/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aurora 3D Animation Maker
O43 - CFD: 04/08/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
O43 - CFD: 03/08/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
O43 - CFD: 02/08/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cool Record Edit Deluxe
O43 - CFD: 15/08/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DFX Audio Enhancer
O43 - CFD: 25/09/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 3
O43 - CFD: 16/08/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Magician
O43 - CFD: 02/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
O43 - CFD: 02/08/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastStone Capture
O43 - CFD: 18/10/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow
O43 - CFD: 29/10/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Flash Memory Toolkit
O43 - CFD: 22/10/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
O43 - CFD: 06/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hewlett-Packard Company
O43 - CFD: 14/08/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
O43 - CFD: 30/08/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\i-Funbox DevTeam
O43 - CFD: 02/08/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Indigo Rose Corporation
O43 - CFD: 02/08/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
O43 - CFD: 30/10/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
O43 - CFD: 16/08/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iRoot
O43 - CFD: 08/08/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ISO to USB
O43 - CFD: 22/08/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
O43 - CFD: 01/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
O43 - CFD: 02/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LAV Filters
O43 - CFD: 06/10/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LINE
O43 - CFD: 10/07/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 08/08/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit
O43 - CFD: 13/10/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
O43 - CFD: 04/08/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
O43 - CFD: 11/10/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Windows AIK
O43 - CFD: 05/10/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos
O43 - CFD: 04/08/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue
O43 - CFD: 11/10/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NTLite
O43 - CFD: 08/08/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Process Hacker 2
O43 - CFD: 22/08/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
O43 - CFD: 26/09/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Resource Hacker
O43 - CFD: 02/08/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RocketDock
O43 - CFD: 10/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RSUPPORT
O43 - CFD: 11/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
O43 - CFD: 04/08/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
O43 - CFD: 19/10/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shark Mwssenger
O43 - CFD: 27/08/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
O43 - CFD: 04/08/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
O43 - CFD: 26/09/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
O43 - CFD: 24/10/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StreamingStar
O43 - CFD: 10/07/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
O43 - CFD: 30/08/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TV 3L PC
O43 - CFD: 03/08/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraISO
O43 - CFD: 30/08/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
O43 - CFD: 15/08/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Audio Cable
O43 - CFD: 05/10/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Audio Streaming
O43 - CFD: 02/08/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WebcamMax
O43 - CFD: 24/10/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
O43 - CFD: 02/08/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 04/10/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winstep
O43 - CFD: 11/10/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinToUSB
O43 - CFD: 18/10/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zoom Player
O43 - CFD: 22/08/2015 - [] D -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
O43 - CFD: 02/08/2015 - [] D -- C:\ProgramData\Acoustica
O43 - CFD: 08/10/2015 - [] D -- C:\ProgramData\Acronis
O43 - CFD: 08/10/2015 - [] D -- C:\ProgramData\Adobe
O43 - CFD: 09/10/2015 - [] D -- C:\ProgramData\AMD
O43 - CFD: 22/08/2015 - [] D -- C:\ProgramData\Apple
O43 - CFD: 22/08/2015 - [] D -- C:\ProgramData\Apple Computer
O43 - CFD: 10/07/2015 - [0] SHD -- C:\ProgramData\Application Data
O43 - CFD: 02/08/2015 - [] D -- C:\ProgramData\Ashampoo
O43 - CFD: 09/10/2015 - [] D -- C:\ProgramData\ATI
O43 - CFD: 27/09/2015 - [] D -- C:\ProgramData\Attabari01
O43 - CFD: 03/11/2015 - [0] D -- C:\ProgramData\Avg
O43 - CFD: 08/08/2015 - [] D -- C:\ProgramData\boost_interprocess
O43 - CFD: 04/08/2015 - [] HD -- C:\ProgramData\CanonBJ
O43 - CFD: 04/08/2015 - [0] HD -- C:\ProgramData\CanonEPP
O43 - CFD: 02/11/2015 - [] D -- C:\ProgramData\CanonIJ
O43 - CFD: 04/08/2015 - [0] HD -- C:\ProgramData\CanonIJEPPEX2
O43 - CFD: 05/08/2015 - [] HD -- C:\ProgramData\CanonIJMyPrinter
O43 - CFD: 02/11/2015 - [] D -- C:\ProgramData\CanonIJPLM
O43 - CFD: 02/11/2015 - [] HD -- C:\ProgramData\CanonIJScan
O43 - CFD: 04/08/2015 - [] HD -- C:\ProgramData\CanonIJSolutionMenuEX
O43 - CFD: 04/08/2015 - [] D -- C:\ProgramData\CanonIJWSpt
O43 - CFD: 05/10/2015 - [] HD -- C:\ProgramData\Common Files
O43 - CFD: 10/07/2015 - [0] D -- C:\ProgramData\Comms
O43 - CFD: 02/08/2015 - [0] SHD -- C:\ProgramData\Datos de programa
O43 - CFD: 10/07/2015 - [0] SHD -- C:\ProgramData\Desktop
O43 - CFD: 02/08/2015 - [0] SHD -- C:\ProgramData\Documentos
O43 - CFD: 10/07/2015 - [0] SHD -- C:\ProgramData\Documents
O43 - CFD: 22/08/2015 - [] D -- C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
O43 - CFD: 21/08/2015 - [] D -- C:\ProgramData\EMX
O43 - CFD: 02/08/2015 - [0] SHD -- C:\ProgramData\Escritorio
O43 - CFD: 04/08/2015 - [] D -- C:\ProgramData\eSellerate
O43 - CFD: 02/11/2015 - [] D -- C:\ProgramData\ESET
O43 - CFD: 02/08/2015 - [] D -- C:\ProgramData\FastStone
O43 - CFD: 15/08/2015 - [] D -- C:\ProgramData\Hewlett-Packard
O43 - CFD: 21/08/2015 - [] D -- C:\ProgramData\htpm
O43 - CFD: 02/08/2015 - [0] D -- C:\ProgramData\IDM
O43 - CFD: 02/08/2015 - [] D -- C:\ProgramData\IndigoRose
O43 - CFD: 31/10/2015 - [] D -- C:\ProgramData\IObit
O43 - CFD: 02/08/2015 - [] D -- C:\ProgramData\Malwarebytes
O43 - CFD: 06/11/2015 - [] D -- C:\ProgramData\Malwarebytes Anti-Exploit
O43 - CFD: 17/08/2015 - [0] D -- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
O43 - CFD: 02/08/2015 - [0] SHD -- C:\ProgramData\Menú Inicio
O43 - CFD: 03/11/2015 - [] D -- C:\ProgramData\MFAData
O43 - CFD: 23/10/2015 - [] SD -- C:\ProgramData\Microsoft
O43 - CFD: 10/11/2015 - [] D -- C:\ProgramData\Microsoft Help
O43 - CFD: 02/08/2015 - [] D -- C:\ProgramData\Microsoft OneDrive
O43 - CFD: 02/08/2015 - [] D -- C:\ProgramData\Microsoft Toolkit =>HackTool.AutoKMS
O43 - CFD: 03/08/2015 - [] D -- C:\ProgramData\Mozilla
O43 - CFD: 22/10/2015 - [] D -- C:\ProgramData\Oracle
O43 - CFD: 15/08/2015 - [] D -- C:\ProgramData\Package Cache
O43 - CFD: 02/08/2015 - [0] SHD -- C:\ProgramData\Plantillas
O43 - CFD: 10/11/2015 - [] D -- C:\ProgramData\ProductData =>PUP.Optional.Generic
O43 - CFD: 13/10/2015 - [] D -- C:\ProgramData\QFX Software
O43 - CFD: 03/08/2015 - [] D -- C:\ProgramData\regid.1986-12.com.adobe
O43 - CFD: 30/10/2015 - [] D -- C:\ProgramData\regid.1991-06.com.microsoft
O43 - CFD: 04/11/2015 - [] D -- C:\ProgramData\RogueKiller
O43 - CFD: 25/08/2015 - [] D -- C:\ProgramData\Samsung
O43 - CFD: 27/08/2015 - [] D -- C:\ProgramData\Skype
O43 - CFD: 10/07/2015 - [0] D -- C:\ProgramData\SoftwareDistribution
O43 - CFD: 04/08/2015 - [] D -- C:\ProgramData\Sony
O43 - CFD: 21/08/2015 - [] D -- C:\ProgramData\SSK
O43 - CFD: 10/07/2015 - [0] SHD -- C:\ProgramData\Start Menu
O43 - CFD: 04/08/2015 - [] D -- C:\ProgramData\Sun
O43 - CFD: 02/08/2015 - [] D -- C:\ProgramData\Synaptics
O43 - CFD: 02/08/2015 - [0] D -- C:\ProgramData\TEMP
O43 - CFD: 10/07/2015 - [0] SHD -- C:\ProgramData\Templates
O43 - CFD: 10/07/2015 - [] D -- C:\ProgramData\USOPrivate
O43 - CFD: 10/07/2015 - [] D -- C:\ProgramData\USOShared
O43 - CFD: 15/08/2015 - [] D -- C:\ProgramData\VMware
O43 - CFD: 07/10/2015 - [] D -- C:\ProgramData\WebcamMax
O43 - CFD: 06/11/2015 - [] D -- C:\ProgramData\Zoom Player
O43 - CFD: 06/08/2015 - [0] HDC -- C:\ProgramData\{02A8F2F7-A05E-4DC5-950D-52243BB4C610}
O43 - CFD: 08/08/2015 - [] D -- C:\ProgramData\{65AB91D4-DDD0-48D4-804D-C24E1FC90D44}
O43 - CFD: 22/08/2015 - [] D -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
O43 - CFD: 02/08/2015 - [0] D -- C:\ProgramData\{BAF091CA-86C4-4627-ADA1-897E2621C1B0} =>PUP.Optional.Generic
O43 - CFD: 14/08/2015 - [] D -- C:\ProgramData\{ECA9D0D4-7782-4B7F-96E2-FDB0CF0A57D5}
O43 - CFD: 30/10/2015 - [0] D -- C:\ProgramData\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98}
O43 - CFD: 27/09/2015 - [] D -- C:\Program Files (x86)\Common Files\Acronis
O43 - CFD: 04/08/2015 - [] D -- C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 08/10/2015 - [] D -- C:\Program Files (x86)\Common Files\Adobe AIR
O43 - CFD: 22/08/2015 - [] D -- C:\Program Files (x86)\Common Files\Apple
O43 - CFD: 25/10/2015 - [] D -- C:\Program Files (x86)\Common Files\DESIGNER
O43 - CFD: 15/08/2015 - [] D -- C:\Program Files (x86)\Common Files\DFX
O43 - CFD: 04/08/2015 - [] D -- C:\Program Files (x86)\Common Files\eSellerate
O43 - CFD: 03/08/2015 - [] D -- C:\Program Files (x86)\Common Files\EZB Systems
O43 - CFD: 06/11/2015 - [] D -- C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 30/10/2015 - [] D -- C:\Program Files (x86)\Common Files\IObit
O43 - CFD: 01/11/2015 - [] D -- C:\Program Files (x86)\Common Files\Java
O43 - CFD: 30/10/2015 - [] D -- C:\Program Files (x86)\Common Files\Microsoft Shared
O43 - CFD: 10/07/2015 - [] D -- C:\Program Files (x86)\Common Files\Services
O43 - CFD: 27/08/2015 - [] D -- C:\Program Files (x86)\Common Files\Skype
O43 - CFD: 05/10/2015 - [] D -- C:\Program Files (x86)\Common Files\System
O43 - CFD: 02/08/2015 - [] D -- C:\Users\hmayt\AppData\Roaming\Acoustica
O43 - CFD: 03/08/2015 - [] D -- C:\Users\hmayt\AppData\Roaming\Acronis
O43 - CFD: 08/10/2015 - [] D -- C:\Users\hmayt\AppData\Roaming\Adobe
O43 - CFD: 03/08/2015 - [] D -- C:\Users\hmayt\AppData\Roaming\AMD
O43 - CFD: 31/08/2015 - [] D -- C:\Users\hmayt\AppData\Roaming\Apple Computer
O43 - CFD: 07/10/2015 - [] D -- C:\Users\hmayt\AppData\Roaming\Ashampoo
O43 - CFD: 16/08/2015 - [] D -- C:\Users\hmayt\AppData\Roaming\ATI
O43 - CFD: 05/10/2015 - [] D -- C:\Users\hmayt\AppData\Roaming\AVG
O43 - CFD: 02/11/2015 - [] D -- C:\Users\hmayt\AppData\Roaming\Canon
O43 - CFD: 09/11/2015 - [] D -- C:\Users\hmayt\AppData\Roaming\Cool Record Edit Deluxe
O43 - CFD: 11/11/2015 - [] D -- C:\Users\hmayt\AppData\Roaming\DMCache
O43 - CFD: 16/08/2015 - [] D -- C:\Users\hmayt\AppData\Roaming\Driver Magician
O43 - CFD: 10/10/2015 - [] D -- C:\Users\hmayt\AppData\Roaming\dvdcss
O43 - CFD: 09/08/2015 - [] D -- C:\Users\hmayt\AppData\Roaming\EFA16696-A955-4061-9881-1021F7D769E7
O43 - CFD: 21/08/2015 - [] D -- C:\Users\hmayt\AppData\Roaming\EMX
O43 - CFD: 11/11/2015 - [] D -- C:\Users\hmayt\AppData\Roaming\Everything
O43 - CFD: 02/08/2015 - [] D -- C:\Users\hmayt\AppData\Roaming\FastStone
O43 - CFD: 08/08/2015 - [] D -- C:\Users\hmayt\AppData\Roaming\Hewlett-Packard
O43 - CFD: 15/08/2015 - [] D -- C:\Users\hmayt\AppData\Roaming\hpqLog
O43 - CFD: 02/11/2015 - [] D -- C:\Users\hmayt\AppData\Roaming\IDM
O43 - CFD: 30/08/2015 - [] D -- C:\Users\hmayt\AppData\Roaming\iFunbox_UserCache
O43 - CFD: 03/08/2015 - [] D -- C:\Users\hmayt\AppData\Roaming\IndigoRose
O43 - CFD: 30/10/2015 - [] D -- C:\Users\hmayt\AppData\Roaming\IObit
O43 - CFD: 05/10/2015 - [] D -- C:\Users\hmayt\AppData\Roaming\Jiiix
O43 - CFD: 08/11/2015 - [] D -- C:\Users\hmayt\AppData\Roaming\Kodi
O43 - CFD: 16/08/2015 - [] D -- C:\Users\hmayt\AppData\Roaming\library_dir
O43 - CFD: 02/08/2015 - [] D -- C:\Users\hmayt\AppData\Roaming\Macromedia
O43 - CFD: 16/08/2015 - [] D -- C:\Users\hmayt\AppData\Roaming\mgyun
O43 - CFD: 05/08/2015 - [] SD -- C:\Users\hmayt\AppData\Roaming\Microsoft
O43 - CFD: 03/08/2015 - [] D -- C:\Users\hmayt\AppData\Roaming\Mozilla
O43 - CFD: 30/08/2015 - [] D -- C:\Users\hmayt\AppData\Roaming\MyTotalTV
O43 - CFD: 11/10/2015 - [] D -- C:\Users\hmayt\AppData\Roaming\Obsidium
O43 - CFD: 06/10/2015 - [0] D -- C:\Users\hmayt\AppData\Roaming\Opera Software
O43 - CFD: 07/10/2015 - [] D -- C:\Users\hmayt\AppData\Roaming\Paltalk
O43 - CFD: 08/08/2015 - [] D -- C:\Users\hmayt\AppData\Roaming\Process Hacker 2
O43 - CFD: 10/08/2015 - [] D -- C:\Users\hmayt\AppData\Roaming\ProductData
O43 - CFD: 04/08/2015 - [0] D -- C:\Users\hmayt\AppData\Roaming\Publish Providers
O43 - CFD: 13/10/2015 - [] D -- C:\Users\hmayt\AppData\Roaming\QFX Software
O43 - CFD: 17/10/2015 - [] D -- C:\Users\hmayt\AppData\Roaming\Raptr
O43 - CFD: 07/08/2015 - [] D -- C:\Users\hmayt\AppData\Roaming\REAPER
O43 - CFD: 19/08/2015 - [] D -- C:\Users\hmayt\AppData\Roaming\redsn0w
O43 - CFD: 10/11/2015 - [] D -- C:\Users\hmayt\AppData\Roaming\Rsupport
O43 - CFD: 08/10/2015 - [] D -- C:\Users\hmayt\AppData\Roaming\sa.edu.ksa.ayat
O43 - CFD: 11/11/2015 - [] D -- C:\Users\hmayt\AppData\Roaming\Samsung
O43 - CFD: 16/08/2015 - [] D -- C:\Users\hmayt\AppData\Roaming\Shuame
O43 - CFD: 19/10/2015 - [] D -- C:\Users\hmayt\AppData\Roaming\Skype
O43 - CFD: 14/10/2015 - [] D -- C:\Users\hmayt\AppData\Roaming\Sony
O43 - CFD: 31/08/2015 - [] D -- C:\Users\hmayt\AppData\Roaming\Sony Creative Software Inc
O43 - CFD: 19/08/2015 - [] D -- C:\Users\hmayt\AppData\Roaming\Sun
O43 - CFD: 02/08/2015 - [] D -- C:\Users\hmayt\AppData\Roaming\Synaptics
O43 - CFD: 02/08/2015 - [0] D -- C:\Users\hmayt\AppData\Roaming\SynthMaker
O43 - CFD: 24/10/2015 - [] D -- C:\Users\hmayt\AppData\Roaming\TeamViewer
O43 - CFD: 17/08/2015 - [] D -- C:\Users\hmayt\AppData\Roaming\TeraCopy
O43 - CFD: 05/10/2015 - [] D -- C:\Users\hmayt\AppData\Roaming\TuneUp Software
O43 - CFD: 22/10/2015 - [] D -- C:\Users\hmayt\AppData\Roaming\uTorrent
O43 - CFD: 01/11/2015 - [] D -- C:\Users\hmayt\AppData\Roaming\ViberPC
O43 - CFD: 25/10/2015 - [] D -- C:\Users\hmayt\AppData\Roaming\vlc
O43 - CFD: 15/08/2015 - [] D -- C:\Users\hmayt\AppData\Roaming\VMware
O43 - CFD: 24/10/2015 - [] D -- C:\Users\hmayt\AppData\Roaming\Wallpapers Bot
O43 - CFD: 07/08/2015 - [] D -- C:\Users\hmayt\AppData\Roaming\WebcamMax
O43 - CFD: 02/08/2015 - [] D -- C:\Users\hmayt\AppData\Roaming\WinRAR
O43 - CFD: 14/10/2015 - [] D -- C:\Users\hmayt\AppData\Roaming\Xilisoft
O43 - CFD: 09/08/2015 - [] D -- C:\Users\hmayt\AppData\Roaming\Yamicsoft
O43 - CFD: 11/11/2015 - [] D -- C:\Users\hmayt\AppData\Roaming\ZHP
O43 - CFD: 22/10/2015 - [] D -- C:\Users\hmayt\AppData\Local\Adobe
O43 - CFD: 16/08/2015 - [] D -- C:\Users\hmayt\AppData\Local\AMD
O43 - CFD: 16/08/2015 - [] D -- C:\Users\hmayt\AppData\Local\AppEx Networks
O43 - CFD: 04/08/2015 - [] D -- C:\Users\hmayt\AppData\Local\Apple
O43 - CFD: 14/10/2015 - [] D -- C:\Users\hmayt\AppData\Local\Apple Computer
O43 - CFD: 11/10/2015 - [] D -- C:\Users\hmayt\AppData\Local\Apps
O43 - CFD: 02/08/2015 - [0] SHD -- C:\Users\hmayt\AppData\Local\Archivos temporales de Internet
O43 - CFD: 02/08/2015 - [] D -- C:\Users\hmayt\AppData\Local\ashampoo
O43 - CFD: 16/08/2015 - [] D -- C:\Users\hmayt\AppData\Local\ATI
O43 - CFD: 30/08/2015 - [] D -- C:\Users\hmayt\AppData\Local\Aurora 3D Animation Maker
O43 - CFD: 03/11/2015 - [] D -- C:\Users\hmayt\AppData\Local\Avg
O43 - CFD: 06/10/2015 - [] D -- C:\Users\hmayt\AppData\Local\AVG Web TuneUp =>Toolbar.AVGSafeGuard
O43 - CFD: 01/11/2015 - [] D -- C:\Users\hmayt\AppData\Local\AvgSetupLog
O43 - CFD: 11/10/2015 - [] D -- C:\Users\hmayt\AppData\Local\BEMBARKA
O43 - CFD: 05/08/2015 - [] D -- C:\Users\hmayt\AppData\Local\CEF
O43 - CFD: 07/08/2015 - [] D -- C:\Users\hmayt\AppData\Local\Collection
O43 - CFD: 02/08/2015 - [] D -- C:\Users\hmayt\AppData\Local\Comms
O43 - CFD: 30/08/2015 - [] D -- C:\Users\hmayt\AppData\Local\Configure
O43 - CFD: 10/11/2015 - [] D -- C:\Users\hmayt\AppData\Local\CrashDumps
O43 - CFD: 02/08/2015 - [0] SHD -- C:\Users\hmayt\AppData\Local\Datos de programa
O43 - CFD: 02/08/2015 - [] D -- C:\Users\hmayt\AppData\Local\DFX
O43 - CFD: 27/10/2015 - [0] D -- C:\Users\hmayt\AppData\Local\Diagnostics
O43 - CFD: 25/08/2015 - [] D -- C:\Users\hmayt\AppData\Local\Downloaded Installations
O43 - CFD: 02/11/2015 - [] D -- C:\Users\hmayt\AppData\Local\ESET
O43 - CFD: 02/08/2015 - [] D -- C:\Users\hmayt\AppData\Local\FastStone
O43 - CFD: 30/08/2015 - [] D -- C:\Users\hmayt\AppData\Local\Geckofx
O43 - CFD: 04/10/2015 - [] D -- C:\Users\hmayt\AppData\Local\Google
O43 - CFD: 14/08/2015 - [] D -- C:\Users\hmayt\AppData\Local\Hewlett-Packard
O43 - CFD: 02/08/2015 - [0] SHD -- C:\Users\hmayt\AppData\Local\Historial
O43 - CFD: 06/10/2015 - [] D -- C:\Users\hmayt\AppData\Local\LINE
O43 - CFD: 18/08/2015 - [] D -- C:\Users\hmayt\AppData\Local\Macromedia
O43 - CFD: 08/08/2015 - [] D -- C:\Users\hmayt\AppData\Local\Mega Limited
O43 - CFD: 08/08/2015 - [] D -- C:\Users\hmayt\AppData\Local\MEGAsync
O43 - CFD: 05/10/2015 - [] D -- C:\Users\hmayt\AppData\Local\MFAData
O43 - CFD: 27/10/2015 - [] D -- C:\Users\hmayt\AppData\Local\Microsoft
O43 - CFD: 02/08/2015 - [0] D -- C:\Users\hmayt\AppData\Local\Microsoft Help
O43 - CFD: 02/08/2015 - [] D -- C:\Users\hmayt\AppData\Local\MicrosoftEdge
O43 - CFD: 03/08/2015 - [] D -- C:\Users\hmayt\AppData\Local\Mozilla
O43 - CFD: 11/08/2015 - [] D -- C:\Users\hmayt\AppData\Local\MSfree Inc
O43 - CFD: 23/08/2015 - [] D -- C:\Users\hmayt\AppData\Local\MyLanViewer
O43 - CFD: 02/08/2015 - [0] D -- C:\Users\hmayt\AppData\Local\NetworkTiles
O43 - CFD: 06/10/2015 - [0] D -- C:\Users\hmayt\AppData\Local\Opera Software
O43 - CFD: 06/10/2015 - [] D -- C:\Users\hmayt\AppData\Local\Package Cache
O43 - CFD: 14/10/2015 - [] D -- C:\Users\hmayt\AppData\Local\Packages
O43 - CFD: 14/10/2015 - [0] D -- C:\Users\hmayt\AppData\Local\PackageStaging
O43 - CFD: 02/08/2015 - [0] D -- C:\Users\hmayt\AppData\Local\PeerDistRepub
O43 - CFD: 06/11/2015 - [] D -- C:\Users\hmayt\AppData\Local\ProgDVB
O43 - CFD: 02/08/2015 - [] D -- C:\Users\hmayt\AppData\Local\Programs
O43 - CFD: 02/08/2015 - [] D -- C:\Users\hmayt\AppData\Local\Publishers
O43 - CFD: 25/08/2015 - [] D -- C:\Users\hmayt\AppData\Local\Samsung
O43 - CFD: 27/08/2015 - [] D -- C:\Users\hmayt\AppData\Local\Skype
O43 - CFD: 30/08/2015 - [] D -- C:\Users\hmayt\AppData\Local\Smart_PC_Soft
O43 - CFD: 04/08/2015 - [] D -- C:\Users\hmayt\AppData\Local\Sony
O43 - CFD: 04/08/2015 - [] D -- C:\Users\hmayt\AppData\Local\Sun
O43 - CFD: 05/08/2015 - [] D -- C:\Users\hmayt\AppData\Local\TeamViewer
O43 - CFD: 11/11/2015 - [] D -- C:\Users\hmayt\AppData\Local\Temp
O43 - CFD: 02/08/2015 - [] D -- C:\Users\hmayt\AppData\Local\TileDataLayer
O43 - CFD: 06/10/2015 - [] D -- C:\Users\hmayt\AppData\Local\Viber
O43 - CFD: 22/10/2015 - [] D -- C:\Users\hmayt\AppData\Local\VirtualStore
O43 - CFD: 11/08/2015 - [0] D -- C:\Users\hmayt\AppData\Local\VMware
O43 - CFD: 27/09/2015 - [] D -- C:\Users\hmayt\AppData\Local\WDSetup
O43 - CFD: 02/08/2015 - [] D -- C:\Users\hmayt\AppData\Local\Zemana
O43 - CFD: 10/07/2015 - [] RD -- C:\Users\hmayt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 29/08/2015 - [] RD -- C:\Users\hmayt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 04/08/2015 - [] D -- C:\Users\hmayt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ACCV
O43 - CFD: 02/11/2015 - [0] D -- C:\Users\hmayt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ace Stream Media
O43 - CFD: 02/11/2015 - [] D -- C:\Users\hmayt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Acoustica Mixcraft 7 (64-bit)
O43 - CFD: 16/10/2015 - [] RD -- C:\Users\hmayt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 11/10/2015 - [] D -- C:\Users\hmayt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Al-Resalah
O43 - CFD: 11/10/2015 - [] D -- C:\Users\hmayt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Everything
O43 - CFD: 02/08/2015 - [] D -- C:\Users\hmayt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
O43 - CFD: 30/08/2015 - [] D -- C:\Users\hmayt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kodi
O43 - CFD: 10/07/2015 - [] D -- C:\Users\hmayt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 08/08/2015 - [] D -- C:\Users\hmayt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MEGAsync
O43 - CFD: 06/10/2015 - [] D -- C:\Users\hmayt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Paltalk Messenger
O43 - CFD: 21/08/2015 - [] D -- C:\Users\hmayt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PM Personal Monitor
O43 - CFD: 01/09/2015 - [] D -- C:\Users\hmayt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ProgDVB
O43 - CFD: 16/10/2015 - [] RD -- C:\Users\hmayt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 10/07/2015 - [] RD -- C:\Users\hmayt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
O43 - CFD: 22/10/2015 - [] D -- C:\Users\hmayt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wallpapers Bot
O43 - CFD: 11/10/2015 - [] D -- C:\Users\hmayt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool
O43 - CFD: 10/07/2015 - [] RSD -- C:\Users\hmayt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
O43 - CFD: 02/08/2015 - [] D -- C:\Users\hmayt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 14/10/2015 - [] D -- C:\Users\hmayt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Xilisoft
O43 - CFD: 09/08/2015 - [] D -- C:\Users\hmayt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Yamicsoft

---\\ ShellIconOverlayIdentifiers (SIOI) (8) - 0s
O106 - SIOI: ErrorOverlayHandler Class [ OneDrive1] - {BBACC218-34EA-4666-9D7A-C78F2274A524}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\hmayt\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\FileSyncShell.dll ©
O106 - SIOI: SharedOverlayHandler Class [ OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\hmayt\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\FileSyncShell.dll ©
O106 - SIOI: SharedSyncingOverlayHandler Class [ OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\hmayt\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\FileSyncShell.dll ©
O106 - SIOI: UpToDateOverlayHandler Class [ OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\hmayt\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\FileSyncShell.dll ©
O106 - SIOI: SyncingOverlayHandler Class [ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\hmayt\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\FileSyncShell.dll ©
O106 - SIOI: Acronis True Image Shell Sync Error Icon Overlay Extension [AcronisSyncError] - {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED}. (.Acronis - Acronis True Image Shell Extensions.) -- C:\Program Files (x86)\Acronis\TrueImageHome\tishell.dll ©
O106 - SIOI: Acronis True Image Shell Sync In Progress Icon Overlay Extension [AcronisSyncInProgress] - {00F848DC-B1D4-4892-9C25-CAADC86A215D}. (.Acronis - Acronis True Image Shell Extensions.) -- C:\Program Files (x86)\Acronis\TrueImageHome\tishell.dll ©
O106 - SIOI: Acronis True Image Shell Sync Ok Icon Overlay Extension [AcronisSyncOk] - {71573297-552E-46fc-BE3D-3DFAF88D47B7}. (.Acronis - Acronis True Image Shell Extensions.) -- C:\Program Files (x86)\Acronis\TrueImageHome\tishell.dll ©

---\\ System Drivers List (97) - 11s
O58 - SDL:2015/07/10 11:59:38 A . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\Windows\System32\drivers\3ware.sys [107360] ©
O58 - SDL:2015/06/29 08:27:42 A . (.Hewlett-Packard - HP Accelerometer.) -- C:\Windows\System32\drivers\Accelerometer.sys [53424] ©
O58 - SDL:2015/07/10 11:59:38 A . (.PMC-Sierra - PMC-Sierra Storport Driver For SPC8x6G SAS.) -- C:\Windows\System32\drivers\adp80xx.sys [1135456] ©
O58 - SDL:2015/09/25 16:55:05 A . (.Advanced Micro Devices - AMD ACP Binaries.) -- C:\Windows\System32\drivers\amdacpksd.sys [306424] ©
O58 - SDL:2015/06/03 14:35:36 A . (.Advanced Micro Devices, Inc. - AMD Audio Bus Lower Filter.) -- C:\Windows\System32\drivers\amdkmafd.sys [31992] ©
O58 - SDL:2015/07/10 11:59:38 A . (.Advanced Micro Devices - AHCI 1.3 Device Driver.) -- C:\Windows\System32\drivers\amdsata.sys [83296] ©
O58 - SDL:2015/07/10 11:59:38 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\Windows\System32\drivers\amdsbs.sys [259424] ©
O58 - SDL:2015/07/10 11:59:38 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\drivers\amdxata.sys [26976] ©
O58 - SDL:2015/08/02 18:38:10 A . (.Zemana Ltd. - Zemana AntiLogger Driver.) -- C:\Windows\System32\drivers\AntiLog64.sys [49752]
O58 - SDL:2015/04/03 00:14:26 N . (.AppEx Networks Corporation - AppEx Accelerator LWF/WFP Driver L.E..) -- C:\Windows\System32\drivers\appexDrv.sys [229056] ©
O58 - SDL:2015/07/10 11:59:38 A . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\drivers\arcsas.sys [131936] ©
O58 - SDL:2015/07/22 00:42:04 A . (.Advanced Micro Devices - AMD High Definition Audio Function Driver.) -- C:\Windows\System32\drivers\AtihdWT6.sys [102912] ©
O58 - SDL:2015/09/25 16:55:16 A . (.Advanced Micro Devices, Inc. - ATI Radeon Kernel Mode Driver.) -- C:\Windows\System32\drivers\atikmdag.sys [21631512] ©
O58 - SDL:2015/09/25 16:55:16 A . (.Advanced Micro Devices, Inc. - AMD multi-vendor Miniport Driver.) -- C:\Windows\System32\drivers\atikmpag.sys [673816] ©
O58 - SDL:2015/07/10 11:59:38 A . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\Windows\System32\drivers\bcmfn2.sys [17624] ©
O58 - SDL:2015/07/10 11:59:38 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\drivers\bxvbda.sys [531296] ©
O58 - SDL:2015/10/04 22:55:49 A . (.C-MEDIA - C-MEDIA USB Audio Class 1.0 and 2.0 Device.) -- C:\Windows\System32\drivers\CMUAC.SYS [661760]
O58 - SDL:2012/12/13 16:41:10 A . (.Windows (R) Win 7 DDK provider - Explore Systems Virtual Audio Device.) -- C:\Windows\System32\drivers\dfx11_1x64.sys [28008] ©
O58 - SDL:2015/09/23 09:30:22 A . (.ESET - Amon monitor.) -- C:\Windows\System32\drivers\eamonm.sys [264040] ©
O58 - SDL:2015/09/23 09:30:22 A . (.ESET - ESET ELAM driver.) -- C:\Windows\System32\drivers\eelam.sys [14976] ©
O58 - SDL:2015/09/23 09:30:22 A . (.ESET - ESET Helper driver.) -- C:\Windows\System32\drivers\ehdrv.sys [186784] ©
O58 - SDL:2015/10/07 06:16:32 A . (.ESET - ESET OPP Keyboard Filter.) -- C:\Windows\System32\drivers\ekbdflt.sys [142976] ©
O58 - SDL:2015/09/23 09:30:22 A . (.ESET - ESET Personal Firewall driver.) -- C:\Windows\System32\drivers\epfw.sys [206312] ©
O58 - SDL:2015/09/23 09:30:22 A . (.ESET - Epfw NDIS LightWeight Filter.) -- C:\Windows\System32\drivers\EpfwLWF.sys [52872] ©
O58 - SDL:2015/09/23 09:30:22 A . (.ESET - ESET Personal Firewall driver.) -- C:\Windows\System32\drivers\epfwwfp.sys [69840] ©
O58 - SDL:2015/07/10 11:59:38 A . (.QLogic Corporation - QLogic 10 GigE VBD.) -- C:\Windows\System32\drivers\evbda.sys [3436896] ©
O58 - SDL:2015/09/27 16:19:26 A . (.Acronis International GmbH - File tracker minifilter driver.) -- C:\Windows\System32\drivers\file_tracker.sys [323040] ©
O58 - SDL:2015/09/27 16:26:34 A . (.Acronis International GmbH - Acronis Storage Filter Management Driver.) -- C:\Windows\System32\drivers\fltsrv.sys [160736] ©
O58 - SDL:2015/08/09 01:01:18 A . (.Acronis International GmbH - Acronis Storage Filter Management Driver.) -- C:\Windows\System32\drivers\fltsrv2159.sys [126752] ©
O58 - SDL:2015/08/09 00:39:03 A . (.Acronis International GmbH - Acronis Storage Filter Management Driver.) -- C:\Windows\System32\drivers\fltsrv2173.sys [134432] ©
O58 - SDL:2015/09/27 15:20:44 A . (.Acronis International GmbH - Acronis Storage Filter Management Driver.) -- C:\Windows\System32\drivers\fltsrv2195.sys [160736] ©
O58 - SDL:2009/05/18 12:17:08 A . (.GEAR Software Inc. - CD DVD Filter.) -- C:\Windows\System32\drivers\GEARAspiWDM.sys [34152] ©
O58 - SDL:2015/06/29 08:27:42 A . (.Hewlett-Packard - HP Disk Filter - SATA/RAID.) -- C:\Windows\System32\drivers\hpdskflt.sys [40624] ©
O58 - SDL:2015/07/10 11:59:38 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\Windows\System32\drivers\HpSAMD.sys [64352] ©
O58 - SDL:2015/07/10 11:59:36 A . (.Intel Corporation - Intel(R) Serial IO GPIO Controller Driver.) -- C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [38128] ©
O58 - SDL:2015/07/10 11:59:36 A . (.Intel Corporation - Intel(R) Serial IO I2C Controller Driver.) -- C:\Windows\System32\drivers\iaLPSSi_I2C.sys [122608] ©
O58 - SDL:2015/07/10 11:59:38 A . (.Intel Corporation - Intel(R) Rapid Storage Technology driver (i.) -- C:\Windows\System32\drivers\iaStorAV.sys [673120] ©
O58 - SDL:2015/07/10 11:59:38 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\drivers\iaStorV.sys [412000] ©
O58 - SDL:2015/07/10 11:59:39 A . (.Mellanox - InfiniBand Fabric Bus Driver.) -- C:\Windows\System32\drivers\ibbus.sys [424800] ©
O58 - SDL:2015/06/12 03:00:58 A . (.Tonec Inc. - Internet Download Manager WFP Driver.) -- C:\Windows\System32\drivers\idmwfp.sys [197616] ©
O58 - SDL:2013/12/12 11:24:38 A . (.Zemana Ltd. - Zemana AntiLogger SDK.) -- C:\Windows\System32\drivers\KeyCrypt64.sys [25056]
O58 - SDL:2015/07/10 11:59:38 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas.sys [108896] ©
O58 - SDL:2015/07/10 11:59:38 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas2i.sys [104800] ©
O58 - SDL:2015/07/10 11:59:38 A . (.Avago Technologies - Avago SAS Gen3 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas3i.sys [99168] ©
O58 - SDL:2015/07/10 11:59:38 A . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sss.sys [82784] ©
O58 - SDL:2015/10/05 08:50:06 A . (.Malwarebytes - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\mbam.sys [25816] ©
O58 - SDL:2015/10/05 08:50:10 A . (.Malwarebytes - Malwarebytes Chameleon Protection Driver.) -- C:\Windows\System32\drivers\mbamchameleon.sys [109272] ©
O58 - SDL:2015/11/11 12:21:13 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys [136408] ©
O58 - SDL:2015/07/10 11:59:39 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\megasas.sys [59744] ©
O58 - SDL:2015/07/10 11:59:39 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\drivers\megasr.sys [575840] ©
O58 - SDL:2015/07/10 11:59:39 A . (.Mellanox - MLX4 Bus Driver.) -- C:\Windows\System32\drivers\mlx4_bus.sys [705376] ©
O58 - SDL:2015/07/10 11:59:39 A . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) -- C:\Windows\System32\drivers\mvumis.sys [63840] ©
O58 - SDL:2015/10/05 08:50:22 A . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\Windows\System32\drivers\mwac.sys [64216] ©
O58 - SDL:2015/07/10 11:59:39 A . (.Mellanox - NetworkDirect Support Filter Driver.) -- C:\Windows\System32\drivers\ndfltr.sys [76128] ©
O58 - SDL:2015/10/12 15:12:29 A . (.MediaTek Inc. - MediaTek 802.11n Wireless Adapter Driver.) -- C:\Windows\System32\drivers\netr28ux.sys [2241848]
O58 - SDL:2009/10/20 19:19:54 A . (.CACE Technologies, Inc. - npf.sys (NT5/6 AMD64) Kernel Driver.) -- C:\Windows\System32\drivers\npf.sys [47632] ©
O58 - SDL:2015/07/10 11:59:39 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\drivers\nvraid.sys [150368] ©
O58 - SDL:2015/07/10 11:59:39 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\drivers\nvstor.sys [166240] ©
O58 - SDL:2015/07/10 11:59:39 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\percsas2i.sys [58208] ©
O58 - SDL:2015/07/10 11:59:39 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\percsas3i.sys [58720] ©
O58 - SDL:2015/08/08 18:18:49 A . (.Realtek - Realtek 8101E/8168/8169 NDIS 6.30 64-bit Dr.) -- C:\Windows\System32\drivers\Rt630x64.sys [830680] ©
O58 - SDL:2015/09/25 16:58:58 A . (.Realtek - Realtek 8101E/8168/8169 NDIS 6.40 64-bit Dr.) -- C:\Windows\System32\drivers\rt640x64.sys [888064] ©
O58 - SDL:2015/10/05 22:08:00 A . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function D.) -- C:\Windows\System32\drivers\RTKVHD64.sys [4515584] ©
O58 - SDL:2015/08/02 16:34:01 A . (.Realtek Semiconductor Corporation - Realtek RTL8187 NDIS Driver.) -- C:\Windows\System32\drivers\RTL8187.sys [448512] ©
O58 - SDL:2015/11/01 14:04:21 A . (.Realtek Semiconductor Corp. - Realtek Pcie CardReader Driver for 2K/XP/Vi.) -- C:\Windows\System32\drivers\RtsP2Stor.sys [302808] ©
O58 - SDL:2015/09/25 20:04:47 A . (.Realtek Semiconductor Corporation - Realtek PCIE NDIS Driver 37581.) -- C:\Windows\System32\drivers\rtwlane.sys [4629744] ©
O58 - SDL:2015/07/10 11:59:39 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\drivers\sisraid2.sys [44896] ©
O58 - SDL:2015/07/10 11:59:39 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\drivers\sisraid4.sys [81760] ©
O58 - SDL:2015/08/02 16:27:28 A . (.Synaptics Incorporated - Synaptics SMBus Driver.) -- C:\Windows\System32\drivers\Smb_driver_AMDASF_Aux.sys [42184] ©
O58 - SDL:2015/08/02 16:27:28 A . (.Synaptics Incorporated - Synaptics SMBus Driver.) -- C:\Windows\System32\drivers\Smb_driver_Intel_Aux.sys [42696] ©
O58 - SDL:2015/09/27 16:26:35 A . (.Acronis International GmbH - Acronis Snapshot API.) -- C:\Windows\System32\drivers\snapman.sys [333280] ©
O58 - SDL:2015/08/09 01:01:20 A . (.Acronis International GmbH - Acronis Snapshot API.) -- C:\Windows\System32\drivers\snapman2308.sys [319776] ©
O58 - SDL:2015/08/09 00:39:06 A . (.Acronis International GmbH - Acronis Snapshot API.) -- C:\Windows\System32\drivers\snapman2346.sys [304416] ©
O58 - SDL:2015/09/27 16:19:10 A . (.Acronis International GmbH - Acronis Snapshot API.) -- C:\Windows\System32\drivers\snapman2447.sys [333280] ©
O58 - SDL:2015/07/10 11:59:39 A . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Wind.) -- C:\Windows\System32\drivers\stexstor.sys [31072] ©
O58 - SDL:2015/08/02 16:27:32 A . (.Synaptics Incorporated - Synaptics Touchpad Win64 Driver.) -- C:\Windows\System32\drivers\SynTP.sys [614088] ©
O58 - SDL:2015/08/24 20:45:40 A . (.The OpenVPN Project - TAP-Windows Virtual Network Driver.) -- C:\Windows\System32\drivers\tapvyprvpn.sys [44896] ©
O58 - SDL:2015/09/27 16:26:41 A . (.Acronis International GmbH - Acronis Backup Archive Explorer.) -- C:\Windows\System32\drivers\tib.sys [1057728] ©
O58 - SDL:2015/08/09 01:01:22 A . (.Acronis International GmbH - Acronis Backup Archive Explorer.) -- C:\Windows\System32\drivers\tib1061.sys [1328928] ©
O58 - SDL:2015/08/09 00:39:08 A . (.Acronis International GmbH - Acronis Backup Archive Explorer.) -- C:\Windows\System32\drivers\tib1102.sys [1058632] ©
O58 - SDL:2015/09/27 16:26:41 A . (.Acronis International GmbH - Acronis TIB Mounter Driver.) -- C:\Windows\System32\drivers\tib_mounter.sys [198088] ©
O58 - SDL:2015/09/27 16:26:43 A . (.Acronis International GmbH - Acronis Try&Decide Volume Filter Driver.) -- C:\Windows\System32\drivers\tnd.sys [553912] ©
O58 - SDL:2015/11/04 12:23:16 A . (...) -- C:\Windows\System32\drivers\TrueSight.sys [35064]
O58 - SDL:2015/07/10 11:59:48 A . (...) -- C:\Windows\System32\drivers\Udecx.sys [44032]
O58 - SDL:2012/12/13 12:50:36 A . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\drivers\usbaapl64.sys [54784] ©
O58 - SDL:2015/07/14 03:48:44 A . (.Advanced Micro Devices - AMD USB Filter Driver.) -- C:\Windows\System32\drivers\usbfilter.sys [61464] ©
O58 - SDL:2012/03/19 14:12:38 A . (.ShiningMorning Inc. - .) -- C:\Windows\System32\drivers\vasdDev.sys [1454896]
O58 - SDL:2013/07/11 07:57:16 A . (.Windows (R) Win 7 DDK provider - VB Virtual Audio Device.) -- C:\Windows\System32\drivers\vbaudio_cable64_win7.sys [41192] ©
O58 - SDL:2015/08/15 22:24:55 A . (.Eugene V. Muzychenko - Kernel-mode WDM driver.) -- C:\Windows\System32\drivers\vrtaucbl.sys [66728] ©
O58 - SDL:2015/07/10 11:59:39 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\drivers\vsmraid.sys [166752] ©
O58 - SDL:2015/07/10 11:59:39 A . (.VIA Corporation - VIA StorX RAID Controller Driver.) -- C:\Windows\System32\drivers\VSTXRAID.SYS [305504] ©
O58 - SDL:2015/07/10 11:59:39 A . (.Mellanox - Kernel WinMad.) -- C:\Windows\System32\drivers\winmad.sys [26976] ©
O58 - SDL:2015/07/10 11:59:39 A . (.Mellanox - Kernel WinVerbs.) -- C:\Windows\System32\drivers\winverbs.sys [59232] ©
O58 - SDL:2015/11/01 14:04:09 A . (.HP - HP Wireless Button Driver.) -- C:\Windows\System32\drivers\WirelessButtonDriver64.sys [30544] ©
O58 - SDL:2013/12/18 10:33:16 A . (...) -- C:\Windows\System32\ampa.sys [17008]
O58 - SDL:2013/09/30 15:26:50 N . (...) -- C:\Windows\System32\pwdrvio.sys [19152]
O58 - SDL:2013/08/26 10:52:54 N . (...) -- C:\Windows\System32\pwdspio.sys [12384]

---\\ Last modified or created user files (6) - 46s
O61 - LFC: 2015/11/10 21:26:17 A . (..) -- C:\Users\hmayt\AppData\Roaming\AMD\GLCache\54deae84c8724e61_26.bin [25259]
O61 - LFC: 2015/11/10 21:53:25 A . (..) -- C:\Users\hmayt\AppData\Roaming\AMD\GLCache\5b29effe650b9c07_26.bin [180424]
O61 - LFC: 2015/11/06 12:43:11 A . (..) -- C:\Users\hmayt\AppData\Roaming\AMD\GLCache\c00bf9d5c771e575_26.bin [236277]
O61 - LFC: 2015/11/06 12:41:46 A . (..) -- C:\Users\hmayt\AppData\Local\Sony\Vegas Pro\13.0\svfx_plugin_cache.bin [32992]
O61 - LFC: 2015/11/11 12:23:59 A . (..) -- C:\Users\hmayt\AppData\Local\Google\Chrome\User Data\ev_hashes_whitelist.bin [674082]
O61 - LFC: 2015/11/11 12:21:15 A . (..) -- C:\Users\hmayt\AppData\Local\ATI\ACE\Manifest.Bin [30042]

---\\ File Associations Shell Spawning (9) - 1s
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe ©
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Event Viewer Snapin Launcher.) -- C:\Windows\System32\eventvwr.exe ©
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe ©
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Registry Editor.) -- C:\Windows\regedit.exe ©
O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S

---\\ Start Menu Internet (12) - 0s
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe ©
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ©
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - 'Firefox' Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - ‎‎الأداة المساعدة للتهيئة لكل مستخدم لـ IE.) -- C:\Windows\System32\ie4uinit.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - 'Firefox' Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - ‎‎الأداة المساعدة للتهيئة لكل مستخدم لـ IE.) -- C:\Windows\System32\ie4uinit.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - 'Firefox' Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - ‎‎الأداة المساعدة للتهيئة لكل مستخدم لـ IE.) -- C:\Windows\System32\ie4uinit.exe ©

---\\ Search Browser Infection (2) - 16s
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (@ieframe.dll,-12512) - http://www.bing.com/
O69 - SBI: SearchScopes [HKCU] {2B2FAC95-550D-4D6F-85A9-7D78CBCCA6A6} - (Yahoo Search) - http://es.search.yahoo.com/

---\\ Search Svchost Services (42) - 1s
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - خدمة نشر شهادة البطاقة الذكية لـ Microsoft.) -- C:\Windows\System32\certprop.dll [192000] ©
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - خدمة نشر شهادة البطاقة الذكية لـ Microsoft.) -- C:\Windows\System32\certprop.dll [192000] ©
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - Server Service DLL.) -- C:\Windows\System32\srvsvc.dll [283136] ©
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - عميل نهج المجموعة.) -- C:\Windows\System32\gpsvc.dll [1335296] ©
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE extension.) -- C:\Windows\System32\IKEEXT.DLL [954368] ©
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) -- C:\Windows\System32\iphlpsvc.dll [954880] ©
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - مكتبة الارتباط الديناميكي الخاصة بخدمة تسجي.) -- C:\Windows\System32\seclogon.dll [31232] ©
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Application Information Service.) -- C:\Windows\System32\appinfo.dll [93696] ©
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - iSCSI Discovery service.) -- C:\Windows\System32\iscsiexe.dll [151040] ©
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost service.) -- C:\Windows\System32\eapsvc.dll [106496] ©
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - خدمة جدولة المهام.) -- C:\Windows\System32\schedsvc.dll [1008640] ©
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [226304] ©
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\Windows\System32\browser.dll [133120] ©
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [324608] ©
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Remote Desktop Configuration service.) -- C:\Windows\System32\SessEnv.dll [371200] ©
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - تقارير المشاكل وحلولها.) -- C:\Windows\System32\wercplsupport.dll [95744] ©
O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Microsoft® Account Service.) -- C:\Windows\System32\wlidsvc.dll [2093056] ©
O83 - Search Svchost Services: DcpSvc (DcpSvc) . (.Microsoft Corporation - dcpsvc Task.) -- C:\Windows\System32\dcpsvc.dll [196096] ©
O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Microsoft Network Connectivity Assistant Se.) -- C:\Windows\System32\NcaSvc.dll [167424] ©
O83 - Search Svchost Services: NetSetupSvc (NetSetupSvc) . (.Microsoft Corporation - Network Setup Service.) -- C:\Windows\System32\NetSetupSvc.dll [187392] ©
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\Windows\System32\rasauto.dll [106496] ©
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\Windows\System32\rasmans.dll [679936] ©
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\Windows\System32\mprdim.dll [497152] ©
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\Windows\System32\Sens.dll [72192] ©
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) -- C:\Windows\System32\ipnathlp.dll [452608] ©
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows(TM) Telephony Server.) -- C:\Windows\System32\tapisrv.dll [311808] ©
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - عامل Windows Update.) -- C:\Windows\System32\wuaueng.dll [2236416] ©
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) -- C:\Windows\System32\qmgr.dll [1168896] ©
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - مكتبة الارتباط الديناميكي لخدمات Windows Sh.) -- C:\Windows\System32\shsvcs.dll [593920] ©
O83 - Search Svchost Services: dmwappushservice (dmwappushservice) . (.Microsoft Corporation - dmwappushsvc.) -- C:\Windows\System32\dmwappushsvc.dll [63488] ©
O83 - Search Svchost Services: XblGameSave (XblGameSave) . (.Microsoft Corporation - Xbox Live Game Save Service.) -- C:\Windows\System32\XblGameSave.dll [1149440] ©
O83 - Search Svchost Services: XboxNetApiSvc (XboxNetApiSvc) . (.Microsoft Corporation - Xbox Live Networking Service.) -- C:\Windows\System32\XboxNetApiSvc.dll [1019392] ©
O83 - Search Svchost Services: UsoSvc (UsoSvc) . (.Microsoft Corporation - Update Session Orchestrator Core.) -- C:\Windows\System32\usocore.dll [343040] ©
O83 - Search Svchost Services: UserManager (UserManager) . (.Microsoft Corporation - UserMgr.) -- C:\Windows\System32\usermgr.dll [713216] ©
O83 - Search Svchost Services: lfsvc (lfsvc) . (.Microsoft Corporation - Geolocation Service.) -- C:\Windows\System32\lfsvc.dll [27136] ©
O83 - Search Svchost Services: DmEnrollmentSvc (DmEnrollmentSvc) . (.Microsoft Corporation - Windows Managent Service DLL.) -- C:\Windows\System32\Windows.Internal.Management.dll [267776] ©
O83 - Search Svchost Services: XblAuthManager (XblAuthManager) . (.Microsoft Corporation - Xbox Live Auth Manager.) -- C:\Windows\System32\XblAuthManager.dll [918016] ©
O83 - Search Svchost Services: RetailDemo (RetailDemo) . (.Microsoft Corporation - RDXService.) -- C:\Windows\System32\RDXService.dll [1010176] ©
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - BDE Service.) -- C:\Windows\System32\bdesvc.dll [359936] ©
O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Device Setup Manager.) -- C:\Windows\System32\DeviceSetupManager.dll [237568] ©
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows Shell Theme Service Dll.) -- C:\Windows\System32\themeservice.dll [58368] ©
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - خدمة تثبت البرامج.) -- C:\Windows\System32\appmgmts.dll [200192] ©

---\\ Firewall Active Exception List (18) - 4s
O87 - FAEL: "{02653D62-5F9E-4392-8445-C8A5FA3FFC2E}" [In-None-P6-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\hmayt\AppData\Roaming\uTorrent\uTorrent.exe
O87 - FAEL: "{7D365191-F1B0-4498-8BB1-09FC5C055903}" [Out-None-P6-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\hmayt\AppData\Roaming\uTorrent\uTorrent.exe
O87 - FAEL: "{41462779-07C4-48E3-BFB4-CB016EF31AAD}" [In-None-P17-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\hmayt\AppData\Roaming\uTorrent\uTorrent.exe
O87 - FAEL: "{DFAEB8D2-0E78-44CE-845B-F59CDC1F9F1D}" [In-None-P6-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\hmayt\AppData\Roaming\uTorrent\uTorrent.exe
O87 - FAEL: "{ACFE3BD6-763F-4ED0-9A86-EFAA68130AC0}" [In-None-P17-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\hmayt\AppData\Roaming\uTorrent\uTorrent.exe
O87 - FAEL: "{3CB17FC4-4FC1-4AE4-A64A-FE12D1532D17}" [Out-None-P17-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\hmayt\AppData\Roaming\uTorrent\uTorrent.exe
O87 - FAEL: "TCP Query User{8394E3FF-9E2B-4266-884C-BB3EE8F08AE2}C:\program files\progdvb\progdvbnet.exe" [In-None-P6-TRUE] .(.Prog - ProgDvbNet.) -- C:\program files\progdvb\progdvbnet.exe
O87 - FAEL: "UDP Query User{B0380D36-0A33-4123-A3A5-0F7513038FCC}C:\program files\progdvb\progdvbnet.exe" [In-None-P17-TRUE] .(.Prog - ProgDvbNet.) -- C:\program files\progdvb\progdvbnet.exe
O87 - FAEL: "TCP Query User{5461D366-13D0-4EB1-9B48-9AD960B0EFBB}C:\program files (x86)\paltalk messenger\paltalk.exe" [In-None-P6-TRUE] .(.AVM Software Inc. - Paltalk Messenger.) -- C:\program files (x86)\paltalk messenger\paltalk.exe
O87 - FAEL: "UDP Query User{44CB49A9-ABD9-4DB6-B976-864EFE34E8DD}C:\program files (x86)\paltalk messenger\paltalk.exe" [In-None-P17-TRUE] .(.AVM Software Inc. - Paltalk Messenger.) -- C:\program files (x86)\paltalk messenger\paltalk.exe
O87 - FAEL: "TCP Query User{4ACFB7A1-F5C6-4612-A518-61A05B614C8F}S:\juegos\pc juegos\motogp2 by lmodni\motogp2 by lmodni\motogp2_demo.exe" [In-None-P6-TRUE] .(...) -- S:\juegos\pc juegos\motogp2 by lmodni\motogp2 by lmodni\motogp2_demo.exe
O87 - FAEL: "UDP Query User{1258FC7D-0C23-4448-A59C-55D3269CFBEE}S:\juegos\pc juegos\motogp2 by lmodni\motogp2 by lmodni\motogp2_demo.exe" [In-None-P17-TRUE] .(...) -- S:\juegos\pc juegos\motogp2 by lmodni\motogp2 by lmodni\motogp2_demo.exe
O87 - FAEL: "TCP Query User{05AB2D14-63C5-458F-A65B-AAEB29948C97}C:\users\hmayt\appdata\roaming\kodi\userdata\addon_data\plugin.video.pulsar\bin\windows_x86\pulsar.exe" [In-None-P6-TRUE] .(...) -- C:\users\hmayt\appdata\roaming\kodi\userdata\addon_data\plugin.video.pulsar\bin\windows_x86\pulsar.exe
O87 - FAEL: "UDP Query User{DF68F676-85C3-4B92-BBEB-BF7E1CCD9BA0}C:\users\hmayt\appdata\roaming\kodi\userdata\addon_data\plugin.video.pulsar\bin\windows_x86\pulsar.exe" [In-None-P17-TRUE] .(...) -- C:\users\hmayt\appdata\roaming\kodi\userdata\addon_data\plugin.video.pulsar\bin\windows_x86\pulsar.exe
O87 - FAEL: "TCP Query User{7732AB4B-D767-4DBA-A595-D34E104CD87C}C:\users\hmayt\appdata\roaming\kodi\userdata\addon_data\plugin.video.pulsar\bin\windows_x86\pulsar.exe" [In-None-P6-TRUE] .(...) -- C:\users\hmayt\appdata\roaming\kodi\userdata\addon_data\plugin.video.pulsar\bin\windows_x86\pulsar.exe
O87 - FAEL: "UDP Query User{F6B7E4C3-A58F-4259-A7E3-9EE9C6746C12}C:\users\hmayt\appdata\roaming\kodi\userdata\addon_data\plugin.video.pulsar\bin\windows_x86\pulsar.exe" [In-None-P17-TRUE] .(...) -- C:\users\hmayt\appdata\roaming\kodi\userdata\addon_data\plugin.video.pulsar\bin\windows_x86\pulsar.exe
O87 - FAEL: "{BCF7F124-C387-415A-8D86-506817E44357}" [In-None-P6-TRUE] .(.Copyright(c) 2013 Samsung Electronics Co., Ltd. All r - SideSync 4.0.) -- C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe
O87 - FAEL: "{8982DDE0-4AFF-4A88-B0A4-257C8DBC1B13}" [In-None-P17-TRUE] .(.Copyright(c) 2013 Samsung Electronics Co., Ltd. All r - SideSync 4.0.) -- C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe

---\\ Services not Microsoft (SR=Run, SS=Stop) (32) - 67s

SS - Demand [23/09/2015] [ 1137168] Acronis Scheduler2 Service (AcrSch2Svc) . (.Acronis.) - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe ©
SS - Demand [14/09/2015] [ 82128] Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe ©
SS - Demand [11/11/2015] [ 269000] Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ©
SR - Auto [22/07/2015] [ 680112] (AdobeUpdateService) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe ©
SR - Auto [29/09/2015] [ 946976] Advanced SystemCare Service 9 (AdvancedSystemCareService9) . (.IObit.) - C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe ©
SR - Auto [25/09/2015] [ 255512] (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe ©
SR - Auto [03/08/2015] [ 344064] AMD FUEL Service (AMD FUEL Service) . (.Advanced Micro Devices, Inc..) - C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe ©
SR - Auto [21/12/2012] [ 57008] Apple Mobile Device (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe ©
SR - Auto [30/08/2011] [ 462184] Servicio Bonjour (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe ©
SR - Auto [09/10/2015] [ 2505472] ESET Service (ekrn) . (.ESET.) - C:\Program Files\ESET\ESET Smart Security\ekrn.exe ©
SR - Auto [06/08/2014] [ 1441792] Everything (Everything) . (.Copyright (C) 2014 David Carpenter.) - C:\Program Files\Everything\Everything.exe ©
SS - Auto [22/10/2015] [ 144200] Servicio de Google Update (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ©
SS - Demand [22/10/2015] [ 144200] Servicio de Google Update (gupdatem) (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ©
SR - Demand [28/04/2015] [ 1102472] HP Software Framework Service (hpqwmiex) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe ©
SR - Auto [29/06/2015] [ 54448] @oem21.inf,%hpservice_desc%;HP Service (hpsrv) . (.Hewlett-Packard Company.) - C:\Windows\System32\Hpservice.exe ©
SR - Auto [28/09/2015] [ 25800] HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe ©
SS - Demand [16/08/2013] [ 641352] Servicio del iPod (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe ©
SR - Auto [09/10/2015] [ 2934048] LiveUpdate (LiveUpdateSvc) . (.IObit.) - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe ©
SR - Auto [22/07/2015] [ 713016] Malwarebytes Anti-Exploit Service (MbaeSvc) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe ©
SR - Auto [17/03/2015] [ 1871160] (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe ©
SR - Auto [17/03/2015] [ 1080120] (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe ©
SS - Disabled [11/08/2015] [ 4884064] Acronis Managed Machine Service Mini (mmsminisrv) . (.Acronis.) - C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe ©
SS - Auto [14/08/2015] [ 3353360] Mobizen plugin (Mobizen plugin) . (.Rsupport Corporation.) - C:\Program Files (x86)\RSUPPORT\MobizenService\MobizenService.exe
SS - Demand [09/11/2015] [ 147624] Mozilla Maintenance Service (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe ©
SS - Demand [20/10/2009] [ 117264] Remote Packet Capture Protocol v.0 (experimental) (rpcapd) . (.CACE Technologies, Inc..) - C:\Program Files (x86)\WinPcap\rpcapd.exe ©
SR - Auto [05/10/2015] [ 303360] Realtek Audio Service (RtkAudioService) . (.Realtek Semiconductor.) - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ©
SS - Demand [09/07/2015] [ 327296] Skype Updater (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe ©
SR - Auto [09/07/2015] [ 745224] SAMSUNG Mobile Connectivity Service (ss_conn_service) . (.DEVGURU Co., LTD..) - C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe ©
SR - Auto [10/09/2015] [ 7637744] Acronis Sync Agent Service (syncagentsrv) . (.Acronis.) - C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe ©
SR - Auto [02/08/2015] [ 246472] SynTPEnh Caller Service (SynTPEnhService) . (.Synaptics Incorporated.) - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ©
SR - Auto [11/09/2015] [ 5702416] TeamViewer 10 (TeamViewer) . (.TeamViewer GmbH.) - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ©

---\\ Additional Scan (O88) (7) - 0s
HKLM\SOFTWARE\Wow6432Node\AVG Web TuneUp =>Toolbar.AVGSafeGuard
HKCU\SOFTWARE\AVG Web TuneUp =>Toolbar.AVGSafeGuard
HKCU\SOFTWARE\Tencent =>PUP.Optional.TencentAddressBar
C:\ProgramData\Microsoft Toolkit =>HackTool.AutoKMS
C:\ProgramData\ProductData =>PUP.Optional.Generic
C:\ProgramData\{BAF091CA-86C4-4627-ADA1-897E2621C1B0} =>PUP.Optional.Generic
C:\Users\hmayt\AppData\Local\AVG Web TuneUp =>Toolbar.AVGSafeGuard

---\\ Summary of the elements found (4) - 0s
http://www.nicolascoolman.fr/blog =>Toolbar.AVGSafeGuard
http://www.nicolascoolman.fr/adware-tencentaddressbar/ =>PUP.Optional.TencentAddressBar
http://www.nicolascoolman.fr/trojan-autokms/ =>HackTool.AutoKMS
http://www.nicolascoolman.fr/blog =>PUP.Optional.Generic

~ End of the scan, 44691 items in 318 seconds (1284)(0)
